Re: [PATCH] fbdev: pm3fb: Fix potential divide by zero

From: Geert Uytterhoeven
Date: Thu Jun 12 2025 - 05:29:53 EST

Next message: Fan Gong: "[PATCH net-next v02 1/1] hinic3: management interfaces"
Previous message: Paolo Abeni: "Re: [PATCH net-next v2] net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"
In reply to: Alex Guo: "Re: [PATCH] fbdev: pm3fb: Fix potential divide by zero"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Alex,

On Wed, 11 Jun 2025 at 18:12, Alex Guo <alexguo1023@xxxxxxxxx> wrote:
> > On Sat, 7 Jun 2025 at 22:14, Alex Guo <alexguo1023@xxxxxxxxx> wrote:
> > > variable var->pixclock can be set by user. In case it equals to
> > > zero, divide by zero would occur in pm3fb_check_var. Similar
> > > crashes have happened in other fbdev drivers. There is no check
> > > and modification on var->pixclock along the call chain to
> > > pm3fb_check_var. So we fix this by checking whether 'pixclock'
> > > is zero.
> > >
> > > Similar commit: commit 16844e58704 ("video: fbdev: tridentfb:
> > > Error out if 'pixclock' equals zero")
> > >
> > > Signed-off-by: Alex Guo <alexguo1023@xxxxxxxxx>
> >
> > Thanks for your patch, which is now commit 59d1fc7b3e1ae9d4
> > ("fbdev: pm3fb: fix potential divide by zero") in fbdev/for-next.
> >
> > > --- a/drivers/video/fbdev/pm3fb.c
> > > +++ b/drivers/video/fbdev/pm3fb.c
> > > @@ -998,6 +998,9 @@ static int pm3fb_check_var(struct fb_var_screeninfo *var, struct fb_info *info)
> > > return -EINVAL;
> > > }
> > >
> > > + if (!var->pixclock)
> > > + return -EINVAL;
> >
> > While this fixes the crash, this is correct behavior for an fbdev driver.
> > When a value is invalid, it should be rounded up to a valid value instead,
> > if possible.
>
> Thanks for your confirmation and suggestions.
>
> I added this patch based on existing checks on var->pixclock in other drivers, such as savagefb_check_var, nvidiafb_check_var, etc.
> Are you suggesting that it is better to replace an invalid value (var->pixclock == 0) with a default valid value, instead of returning -EINVAL?

Indeed.

> If so, could you advise what a suitable default value would be for this case?

The answer is hidden in the existing check below:

> > > +
> > > if (PICOS2KHZ(var->pixclock) > PM3_MAX_PIXCLOCK) {
> > > DPRINTK("pixclock too high (%ldKHz)\n",
> > > PICOS2KHZ(var->pixclock));
> > > return -EINVAL;
> > > }

It can be replaced by:

if (var->pixclock <= KHZ2PICOS(PM3_MAX_PIXCLOCK))
var->pixclock = KHZ2PICOS(PM3_MAX_PIXCLOCK) + 1;

The "+ 1" is needed because of rounding.

> Actually, I have found a few similar issues in other functions as well. I would like to make sure I am addressing them in the correct way.

That would be great. Thanks!

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

Next message: Fan Gong: "[PATCH net-next v02 1/1] hinic3: management interfaces"
Previous message: Paolo Abeni: "Re: [PATCH net-next v2] net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"
In reply to: Alex Guo: "Re: [PATCH] fbdev: pm3fb: Fix potential divide by zero"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]