[Qemu-devel] [PATCH] console: Fix rendering of VGA underline

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] console: Fix rendering of VGA underline
@ 2011-11-04  9:38 Markus Armbruster
  2011-11-08 17:24 ` Anthony Liguori
  0 siblings, 1 reply; 2+ messages in thread
From: Markus Armbruster @ 2011-11-04  9:38 UTC (permalink / raw)
  To: qemu-devel; +Cc: aliguori

vga_putcharxy()'s underline code sets font_data to 0xffff instead of
0xff.  vga_putcharxy() then reads dmask16[0xffff >> 4] and
dmask4[0xffff >> 6].  In practice, these out-of-bounds subscripts
"only" put a few crap bits into the display surface.

For 32 bit pixels, there's no array access.  font_data's extra bits go
straight into the display surface.

Broken when commit 6d6f7c28 implemented underline.

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
 console.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/console.c b/console.c
index e43de92..f6fe441 100644
--- a/console.c
+++ b/console.c
@@ -467,7 +467,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
             font_data = *font_ptr++;
             if (t_attrib->uline
                 && ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
-                font_data = 0xFFFF;
+                font_data = 0xFF;
             }
             ((uint32_t *)d)[0] = (dmask16[(font_data >> 4)] & xorcol) ^ bgcol;
             ((uint32_t *)d)[1] = (dmask16[(font_data >> 0) & 0xf] & xorcol) ^ bgcol;
@@ -480,7 +480,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
             font_data = *font_ptr++;
             if (t_attrib->uline
                 && ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
-                font_data = 0xFFFF;
+                font_data = 0xFF;
             }
             ((uint32_t *)d)[0] = (dmask4[(font_data >> 6)] & xorcol) ^ bgcol;
             ((uint32_t *)d)[1] = (dmask4[(font_data >> 4) & 3] & xorcol) ^ bgcol;
@@ -493,7 +493,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
         for(i = 0; i < FONT_HEIGHT; i++) {
             font_data = *font_ptr++;
             if (t_attrib->uline && ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
-                font_data = 0xFFFF;
+                font_data = 0xFF;
             }
             ((uint32_t *)d)[0] = (-((font_data >> 7)) & xorcol) ^ bgcol;
             ((uint32_t *)d)[1] = (-((font_data >> 6) & 1) & xorcol) ^ bgcol;
-- 
1.7.6.4

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [Qemu-devel] [PATCH] console: Fix rendering of VGA underline
  2011-11-04  9:38 [Qemu-devel] [PATCH] console: Fix rendering of VGA underline Markus Armbruster
@ 2011-11-08 17:24 ` Anthony Liguori
  0 siblings, 0 replies; 2+ messages in thread
From: Anthony Liguori @ 2011-11-08 17:24 UTC (permalink / raw)
  To: Markus Armbruster; +Cc: qemu-devel

On 11/04/2011 04:38 AM, Markus Armbruster wrote:
> vga_putcharxy()'s underline code sets font_data to 0xffff instead of
> 0xff.  vga_putcharxy() then reads dmask16[0xffff>>  4] and
> dmask4[0xffff>>  6].  In practice, these out-of-bounds subscripts
> "only" put a few crap bits into the display surface.
>
> For 32 bit pixels, there's no array access.  font_data's extra bits go
> straight into the display surface.
>
> Broken when commit 6d6f7c28 implemented underline.
>
> Spotted by Coverity.
>
> Signed-off-by: Markus Armbruster<armbru@redhat.com>

Applied.  Thanks.

Regards,

Anthony Liguori

> ---
>   console.c |    6 +++---
>   1 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/console.c b/console.c
> index e43de92..f6fe441 100644
> --- a/console.c
> +++ b/console.c
> @@ -467,7 +467,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
>               font_data = *font_ptr++;
>               if (t_attrib->uline
>                   &&  ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
> -                font_data = 0xFFFF;
> +                font_data = 0xFF;
>               }
>               ((uint32_t *)d)[0] = (dmask16[(font_data>>  4)]&  xorcol) ^ bgcol;
>               ((uint32_t *)d)[1] = (dmask16[(font_data>>  0)&  0xf]&  xorcol) ^ bgcol;
> @@ -480,7 +480,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
>               font_data = *font_ptr++;
>               if (t_attrib->uline
>                   &&  ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
> -                font_data = 0xFFFF;
> +                font_data = 0xFF;
>               }
>               ((uint32_t *)d)[0] = (dmask4[(font_data>>  6)]&  xorcol) ^ bgcol;
>               ((uint32_t *)d)[1] = (dmask4[(font_data>>  4)&  3]&  xorcol) ^ bgcol;
> @@ -493,7 +493,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y, int ch,
>           for(i = 0; i<  FONT_HEIGHT; i++) {
>               font_data = *font_ptr++;
>               if (t_attrib->uline&&  ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
> -                font_data = 0xFFFF;
> +                font_data = 0xFF;
>               }
>               ((uint32_t *)d)[0] = (-((font_data>>  7))&  xorcol) ^ bgcol;
>               ((uint32_t *)d)[1] = (-((font_data>>  6)&  1)&  xorcol) ^ bgcol;

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2011-11-08 17:24 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-11-04  9:38 [Qemu-devel] [PATCH] console: Fix rendering of VGA underline Markus Armbruster
2011-11-08 17:24 ` Anthony Liguori

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).