[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[dmidecode] [PATCH] dmidecode: Fortify entry point length checks
|
From: |
Jean Delvare |
|
Subject: |
[dmidecode] [PATCH] dmidecode: Fortify entry point length checks |
|
Date: |
Wed, 7 Sep 2022 11:08:40 +0200 |
Ensure that the SMBIOS entry point is long enough to include all the
fields we need. Otherwise it is pointless to even attempt to verify
its checksum.
A similar check was added to the SMBIOS entry point parser in the
Linux kernel.
Signed-off-by: Jean Delvare <jdelvare@suse.de>
---
dmidecode.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- dmidecode.orig/dmidecode.c 2022-06-15 13:44:53.259977860 +0200
+++ dmidecode/dmidecode.c 2022-09-07 11:03:17.188473731 +0200
@@ -5700,7 +5700,8 @@ static int smbios3_decode(u8 *buf, const
return 0;
}
- if (!checksum(buf, buf[0x06]))
+ if (buf[0x06] < 0x18
+ || !checksum(buf, buf[0x06]))
return 0;
ver = (buf[0x07] << 16) + (buf[0x08] << 8) + buf[0x09];
@@ -5747,7 +5748,8 @@ static int smbios_decode(u8 *buf, const
return 0;
}
- if (!checksum(buf, buf[0x05])
+ if (buf[0x05] < 0x1F
+ || !checksum(buf, buf[0x05])
|| memcmp(buf + 0x10, "_DMI_", 5) != 0
|| !checksum(buf + 0x10, 0x0F))
return 0;
--
Jean Delvare
SUSE L3 Support
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [dmidecode] [PATCH] dmidecode: Fortify entry point length checks,
Jean Delvare <=