Date: Mon, 25 Mar 2019 11:48:40 +0000 (UTC) From: Bruce Evans <bde@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345496 - head/lib/libvgl Message-ID: <201903251148.x2PBmeFj064434@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bde Date: Mon Mar 25 11:48:40 2019 New Revision: 345496 URL: https://svnweb.freebsd.org/changeset/base/345496 Log: Fix another type of buffer overrun for segmented modes. The buffer index was not taken modulo the window size in VGLClear(). Segmented modes also need a kernel fix to almost work. The ioctl to set the window origin is broken. These bugs are rarely problems since non-VESA modes only need segmentation to support multiple pages but libvgl doesn't support multiple pages and treats these modes as non-segmented, and VESA modes are usually mapped linearly except on old hardware so they really are non-segmented. Modified: head/lib/libvgl/simple.c Modified: head/lib/libvgl/simple.c ============================================================================== --- head/lib/libvgl/simple.c Mon Mar 25 11:39:49 2019 (r345495) +++ head/lib/libvgl/simple.c Mon Mar 25 11:48:40 2019 (r345496) @@ -535,7 +535,8 @@ VGLClear(VGLBitmap *object, u_long color) VGLSetSegment(offset); len = min(total - offset, VGLAdpInfo.va_window_size); for (i = 0; i < len; i += object->PixelBytes) - bcopy(b, object->Bitmap + offset + i, object->PixelBytes); + bcopy(object->Bitmap + (offset + i) % VGLAdpInfo.va_window_size, b, + object->PixelBytes); offset += len; } break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903251148.x2PBmeFj064434>