From 6d99a232379317afed814a023fee464001f796ea Mon Sep 17 00:00:00 2001
From: Amlal El Mahrouss <amlal@nekernel.org>
Date: Fri, 18 Apr 2025 18:34:33 +0200
Subject: kernel, GfxKit: FIX: Check boundaries to avoid page fault.

Signed-off-by: Amlal El Mahrouss <amlal@nekernel.org>
---
 dev/kernel/src/Gfx/FBDeviceInterface.cc | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'dev')

diff --git a/dev/kernel/src/Gfx/FBDeviceInterface.cc b/dev/kernel/src/Gfx/FBDeviceInterface.cc
index a9b2be29..525f32b4 100644
--- a/dev/kernel/src/Gfx/FBDeviceInterface.cc
+++ b/dev/kernel/src/Gfx/FBDeviceInterface.cc
@@ -29,6 +29,13 @@ FBDeviceInterface& FBDeviceInterface::operator<<(FBDevicePacket* pckt)
 	if (!pckt)
 		return *this;
 
+	if (pckt->fHeight == 0 || pckt->fWidth == 0)
+		return *this;
+
+	if (pckt->fX > kHandoverHeader->f_GOP.f_Width ||
+		pckt->fY > kHandoverHeader->f_GOP.f_Height)
+		return *this;
+
 	FBDrawInRegion(pckt->fColor, pckt->fHeight, pckt->fWidth, pckt->fY, pckt->fX);
 
 	return *this;
@@ -42,6 +49,10 @@ FBDeviceInterface& FBDeviceInterface::operator>>(FBDevicePacket* pckt)
 	if (!pckt)
 		return *this;
 
+	if (pckt->fX > kHandoverHeader->f_GOP.f_Width ||
+		pckt->fY > kHandoverHeader->f_GOP.f_Height)
+		return *this;
+
 	pckt->fColor = *(((Kernel::UInt32*)(kHandoverHeader->f_GOP.f_The +
 										4 * kHandoverHeader->f_GOP.f_PixelPerLine *
 											pckt->fX +
-- 
cgit v1.2.3