From: Andrey Vatoropin <a.vatoropin@crpt.ru>
If fbcon_open() fails when called from con2fb_acquire_newinfo() then
info->fbcon_par pointer remains NULL which is later dereferenced.
Add check for return value of the function con2fb_acquire_newinfo() to
avoid it.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: d1baa4ffa677 ("fbcon: set_con2fb_map fixes")
Cc: stable@vger.kernel.org
Signed-off-by: Andrey Vatoropin <a.vatoropin@crpt.ru>
---
drivers/video/fbdev/core/fbcon.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
index e7e07eb2142e..7453377f3433 100644
--- a/drivers/video/fbdev/core/fbcon.c
+++ b/drivers/video/fbdev/core/fbcon.c
@@ -1047,7 +1047,8 @@ static void fbcon_init(struct vc_data *vc, bool init)
return;
if (!info->fbcon_par)
- con2fb_acquire_newinfo(vc, info, vc->vc_num);
+ if (con2fb_acquire_newinfo(vc, info, vc->vc_num))
+ return;
/* If we are not the first console on this
fb, copy the font from that console */
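Review bot: the new `return;` taken when `con2fb_acquire_newinfo(vc, info, vc->vc_num)` fails exits `fbcon_init()` silently, and because the function is `static void` its caller gets no indication that the console was not set up. Consider logging the failure at this point (for example with `pr_err()` or `WARN_ON()`), and state in the changelog that nothing done earlier in `fbcon_init()` needs to be undone before returning and that later fbcon callbacks for this `vc` tolerate `info->fbcon_par` still being NULL.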
--
2.43.0
On 12/17/25 10:11, Ваторопин Андрей wrote:
> From: Andrey Vatoropin <a.vatoropin@crpt.ru>
>
> If fbcon_open() fails when called from con2fb_acquire_newinfo() then
> info->fbcon_par pointer remains NULL which is later dereferenced.
>
> Add check for return value of the function con2fb_acquire_newinfo() to
> avoid it.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
I was unsure if I should apply this patch since we don't have a real problem.
This is inside the fbcon_init() function, so if con2fb_acquire_newinfo()
ever would have returned NULL, the kernel would have crashed and someone
would have reported it (or will report in the future if it happens).
Nevertheless, for correctness, I was tempted to change the check to a
WARN_ON() or BUG_ON() instead, but again: it never happened, so why
add bloat to the kernel?
In the end, I've now applied this patch to the linux-fbdev git tree
as-is, just to avoid other people sending similar patches based on
verification tool reports...
Thanks!
Helge
> Fixes: d1baa4ffa677 ("fbcon: set_con2fb_map fixes")
> Cc: stable@vger.kernel.org
> Signed-off-by: Andrey Vatoropin <a.vatoropin@crpt.ru>
> ---
> drivers/video/fbdev/core/fbcon.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
> index e7e07eb2142e..7453377f3433 100644
> --- a/drivers/video/fbdev/core/fbcon.c
> +++ b/drivers/video/fbdev/core/fbcon.c
> @@ -1047,7 +1047,8 @@ static void fbcon_init(struct vc_data *vc, bool init)
> return;
>
> if (!info->fbcon_par)
> - con2fb_acquire_newinfo(vc, info, vc->vc_num);
> + if (con2fb_acquire_newinfo(vc, info, vc->vc_num))
> + return;
>
> /* If we are not the first console on this
> fb, copy the font from that console */
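Review bot: style point on the two added `+` lines: an `if` nested directly under the unbraced `if (!info->fbcon_par)` is easy to misread and invites a dangling-else mistake if an `else` is ever added. Either put braces around the outer `if` body or fold both tests into one condition, `if (!info->fbcon_par && con2fb_acquire_newinfo(vc, info, vc->vc_num))` followed by `return;`, which keeps the short-circuit behaviour of calling the function only when `fbcon_par` is NULL.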