From 5d9f1bf830dbd02f565cedc29f2663bd13565e8c Mon Sep 17 00:00:00 2001
From: Olivier Certner <olce@FreeBSD.org>
Date: Mon, 3 Mar 2025 10:30:00 +0100
Subject: [PATCH] smbios: Carefully print wrong entry point signature on
 identify

Using printf() with '%s' can lead to arbitrary long printing (although,
usually, a NUL byte should appear quite quickly) and trying to print
unprintable characters.

Instead, print in hexadecimal the exact bytes that are compared to the
expected signature.

MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit bb04712e37723d112b2fad28af4b035ef35a25be)
---
 sys/dev/smbios/smbios.c | 41 +++++++++++++++++++++++++++++------------
 1 file changed, 29 insertions(+), 12 deletions(-)

diff --git a/sys/dev/smbios/smbios.c b/sys/dev/smbios/smbios.c
index 4a5305ea80c..c8536d5f86c 100644
--- a/sys/dev/smbios/smbios.c
+++ b/sys/dev/smbios/smbios.c
@@ -125,21 +125,13 @@ smbios_identify (driver_t *driver, device_t parent)
 	if (map_size == sizeof(*eps3)) {
 		eps3 = ptr;
 		length = eps3->length;
-		if (memcmp(eps3->anchor_string,
-		    SMBIOS3_SIG, SMBIOS3_LEN) != 0) {
-			printf("smbios3: corrupt sig %s found\n",
-			    eps3->anchor_string);
-			goto unmap_return;
-		}
+		if (memcmp(eps3->anchor_string, SMBIOS3_SIG, SMBIOS3_LEN) != 0)
+			goto corrupt_sig;
 	} else {
 		eps = ptr;
 		length = eps->length;
-		if (memcmp(eps->anchor_string,
-		    SMBIOS_SIG, SMBIOS_LEN) != 0) {
-			printf("smbios: corrupt sig %s found\n",
-			    eps->anchor_string);
-			goto unmap_return;
-		}
+		if (memcmp(eps->anchor_string, SMBIOS_SIG, SMBIOS_LEN) != 0)
+			goto corrupt_sig;
 	}
 	if (length != map_size) {
 		/*
@@ -168,6 +160,31 @@ smbios_identify (driver_t *driver, device_t parent)
 unmap_return:
 	pmap_unmapbios(ptr, map_size);
 	return;
+
+corrupt_sig:
+	{
+		const char *sig;
+	        const char *table_ver_str;
+		size_t i, end;
+
+		if (map_size == sizeof(*eps3)) {
+			sig = eps3->anchor_string;
+			table_ver_str = "64";
+			end = SMBIOS3_LEN;
+		} else {
+			sig = eps->anchor_string;
+			table_ver_str = "32";
+			end = SMBIOS_LEN;
+		}
+
+		/* Space after ':' printed by the loop. */
+		printf("smbios: %s-bit Entry Point: Corrupt signature (hex):",
+		    table_ver_str);
+		for (i = 0; i < end; ++i)
+			printf(" %02hhx", sig[i]);
+		printf("\n");
+	}
+	goto unmap_return;
 }
 
 static int