proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-07-25 16:51:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

video/fb/video_fb: Fix possible integer overflow

Browse Source 
It is minimal possibility that the values being used here will overflow.
So, change the code to use the safemath function grub_mul() to ensure
that doesn't happen.

Fixes: CID 73761

Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Darren Kenny 2020-12-04 14:51:30 +00:00 committed by Daniel Kiper
parent 08e098b1db
commit 08413f2f4e
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
grub-core/video/fb/video_fb.c
View File

@ -1537,7 +1537,13 @@ doublebuf_pageflipping_init (struct grub_video_mode_info *mode_info,
volatile void *page1_ptr) volatile void *page1_ptr)
{ {
grub_err_t err; grub_err_t err;
grub_size_t page_size = mode_info->pitch * mode_info->height; grub_size_t page_size = 0;
if (grub_mul (mode_info->pitch, mode_info->height, &page_size))
{
/* Shouldn't happen, but if it does we've a bug. */
return GRUB_ERR_BUG;
}
framebuffer.offscreen_buffer = grub_malloc (page_size); framebuffer.offscreen_buffer = grub_malloc (page_size);
if (! framebuffer.offscreen_buffer) if (! framebuffer.offscreen_buffer)