From fa40b725f91dc11f5e2c69a8bb106614fd25b3f5 Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Wed, 15 Apr 2020 17:15:24 +0200
Subject: [PATCH] Kernel: Refuse to set overflowy resolution values in
 BXVGADevice

---
 Kernel/Devices/BXVGADevice.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Kernel/Devices/BXVGADevice.cpp b/Kernel/Devices/BXVGADevice.cpp
index 24c878d43b..47b69f6532 100644
--- a/Kernel/Devices/BXVGADevice.cpp
+++ b/Kernel/Devices/BXVGADevice.cpp
@@ -24,6 +24,7 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include <AK/Checked.h>
 #include <Kernel/Devices/BXVGADevice.h>
 #include <Kernel/PCI/Access.h>
 #include <Kernel/Process.h>
@@ -124,6 +125,9 @@ bool BXVGADevice::test_resolution(int width, int height)
 }
 bool BXVGADevice::set_resolution(int width, int height)
 {
+    if (Checked<int>::multiplication_would_overflow(width, height, sizeof(u32)))
+        return false;
+
     if (!test_resolution(width, height))
         return false;