geemili
/
SDL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed bug 3546 - SDL_EVDEV_is_console() uses type of wrong size when calling ioctl 

Rob

When calling ioctl(fd, KDGKBTYPE, &type) in SDL_EVDEV_is_console(), we declare type as an 'int'.  This should be a 'char'.  The subsequent syscall, and kernel code, only writes the lower byte of the word.

See: http://lxr.free-electrons.com/source/drivers/tty/vt/vt_ioctl.c?v=4.4#L399

ucval = KB_101;
ret = put_user(ucval, (char __user *)arg);

I've observed intermittent behavior related to this, and I can force an error condition by using an int initialized to 0xFFFFFFFF.  The resulting ioctl will set type to 0XFFFFFF02, and the conditional return in SDL_EVDEV_is_console() will fail.

Recommend changing to char, or masking off unused bits.
Sam Lantinga 2017-01-05 23:26:13 -08:00
parent b3e8db802e
commit 41be9756f0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/core/linux/SDL_evdev.c
View File

@ -150,7 +150,7 @@ static const char* EVDEV_consoles[] = {
};
static int SDL_EVDEV_is_console(int fd) {
int type;
char type;
return isatty(fd) && ioctl(fd, KDGKBTYPE, &type) == 0 &&
(type == KB_101 || type == KB_84);