Date: Tue, 19 Jan 2021 08:25:28 +0200 From: Toomas Soome <tsoome@me.com> To: Ravi Pokala <rpokala@freebsd.org> Cc: Toomas Soome <tsoome@FreeBSD.org>, "<src-committers@freebsd.org>" <src-committers@FreeBSD.org>, "<dev-commits-src-all@freebsd.org>" <dev-commits-src-all@FreeBSD.org>, "<dev-commits-src-main@freebsd.org>" <dev-commits-src-main@FreeBSD.org> Subject: Re: ad1ebbe5cea8 - main - loader: create local copy of mode list provided by vbeinfoblock Message-ID: <B62DA04E-15CB-4190-A7F7-23008D54A2BE@me.com> In-Reply-To: <7FCB573F-0BC6-429E-919C-6A87513DBD63@panasas.com> References: <202101160823.10G8NjEi016925@gitrepo.freebsd.org> <7FCB573F-0BC6-429E-919C-6A87513DBD63@panasas.com>
index | next in thread | previous in thread | raw e-mail
> On 19. Jan 2021, at 03:24, Ravi Pokala <rpokala@freebsd.org> wrote: > > Hi Toomas, > > -----Original Message----- > From: <owner-src-committers@freebsd.org> on behalf of Toomas Soome <tsoome@FreeBSD.org> > Date: 2021-01-16, Saturday at 00:23 > To: <src-committers@FreeBSD.org>, <dev-commits-src-all@FreeBSD.org>, <dev-commits-src-main@FreeBSD.org> > Subject: git: ad1ebbe5cea8 - main - loader: create local copy of mode list provided by vbeinfoblock > > The branch main has been updated by tsoome: > > URL: https://cgit.FreeBSD.org/src/commit/?id=ad1ebbe5cea8ffac0037966990ddf0f80faa55d5 > > commit ad1ebbe5cea8ffac0037966990ddf0f80faa55d5 > Author: Toomas Soome <tsoome@FreeBSD.org> > AuthorDate: 2021-01-16 10:18:32 +0000 > Commit: Toomas Soome <tsoome@FreeBSD.org> > CommitDate: 2021-01-16 10:23:22 +0000 > > loader: create local copy of mode list provided by vbeinfoblock > > Apparently some systems do corrupt mode list memory area, so we need > to use local copy instead. > > ... > > + vbe_mode_list_size = (uintptr_t)p - (uintptr_t)ml; > + vbe_mode_list = malloc(vbe_mode_list_size); > + if (vbe_mode_list == NULL) { > + free(vbe); > + vbe = NULL; > + free(vbe_mode); > + vbe_mode = NULL; > + } > + bcopy(ml, vbe_mode_list, vbe_mode_list_size); > + > + /* reset VideoModePtr, so we will not have chance to use bad data. */ > + vbe->VideoModePtr = 0; > > If allocation of vbe_mode_list failed, you're freeing things that were allocated before it, but then you're continuing on. The very next thing you do is the bcopy(), which dereferences vbe_mode_list, which is NULL because of the allocation failure. > > That doesn't seem right. > > Thanks, > > Ravi (rpokala@) > > yes, thanks! I do have fix waiting for any additional comments (Yuri Pankov was very kind to provide review feedback). So the update will be posted soon. thanks, toomashome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B62DA04E-15CB-4190-A7F7-23008D54A2BE>