Nucleus

diff --git a/drivers/video/bga.c b/drivers/video/bga.c
index 3354d01..061409a 100644
--- a/drivers/video/bga.c
+++ b/drivers/video/bga.c
@@ -10,9 +10,11 @@
 #include <sys/stat.h>
 #include <sys/fb.h>
 #include <fcntl.h>
+#include <errno.h>
 #include <io.h>
 #include <nucleus/driver.h>
-#include <nucleus/panic.h>
+#include <nucleus/kernel.h>
+#include <nucleus/memory.h>
 #include <nucleus/pci.h>
 #include <nucleus/vfs.h>
 
@@ -108,22 +110,33 @@ bga_dev_ioctl(File *file, unsigned long request, uintptr_t argp)
 	FBVarInfo *vinfo;
 	FBFixInfo *finfo;
 
+	if (!argp)
+		return -EFAULT;
+
 	switch (request) {
 	case FBIOGET_VSCREENINFO:
 		vinfo = (void *) argp;
+		if (!verify_access(vinfo, sizeof(FBVarInfo), PROT_WRITE))
+			return -EFAULT;
 		vinfo->xres = bgaDev.width;
 		vinfo->yres = bgaDev.height;
 		vinfo->bpp = bgaDev.bpp;
 		return 0;
 	case FBIOPUT_VSCREENINFO:
 		vinfo = (void *) argp;
+		if (!verify_access(vinfo, sizeof(FBVarInfo), PROT_WRITE))
+			return -EFAULT;
 		bga_set_mode(vinfo->xres, vinfo->yres, vinfo->bpp);
 		return 0;
 	case FBIOGET_FSCREENINFO:
 		finfo = (void *) argp;
+		if (!verify_access(finfo, sizeof(FBFixInfo), PROT_WRITE))
+			return -EFAULT;
 		finfo->fbmem = bgaDev.lfb;
 		finfo->fbmemLen = bgaDev.memSize;
 		return 0;
+	default:
+		return -EINVAL;
 	}
 }