1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
From e5c73239404931d4d1b73eb595c3802fbce74c61 Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.de>
Date: Mon, 2 Nov 2015 09:45:36 +0100
Subject: [PATCH 9/9] dmidecode: Check sysfs entry point length
Before passing the sysfs entry point data over for decoding, check
that its length meets the expectations.
---
CHANGELOG | 1 +
dmidecode.c | 6 +++---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index fcfc244..ba61cab 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,7 @@
* dmidecode.c: Use read_file to read the DMI table from sysfs.
This fixes Savannah bug #46176:
https://savannah.nongnu.org/bugs/?46176
+ * dmidecode.c: Check the sysfs entry point length.
2015-10-21 Xie XiuQi <xiexiuqi@huawei.com>
diff --git a/dmidecode.c b/dmidecode.c
index 16d1823..b47c469 100644
--- a/dmidecode.c
+++ b/dmidecode.c
@@ -4840,17 +4840,17 @@ int main(int argc, char * const argv[])
{
if (!(opt.flags & FLAG_QUIET))
printf("Getting SMBIOS data from sysfs.\n");
- if (memcmp(buf, "_SM3_", 5) == 0)
+ if (size >= 24 && memcmp(buf, "_SM3_", 5) == 0)
{
if (smbios3_decode(buf, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET))
found++;
}
- else if (memcmp(buf, "_SM_", 4) == 0)
+ else if (size >= 31 && memcmp(buf, "_SM_", 4) == 0)
{
if (smbios_decode(buf, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET))
found++;
}
- else if (memcmp(buf, "_DMI_", 5) == 0)
+ else if (size >= 15 && memcmp(buf, "_DMI_", 5) == 0)
{
if (legacy_decode(buf, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET))
found++;
--
2.6.4
|