upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-19 02:30:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

libsa: smbios: Reject a 64-bit entry point with revision 0

Browse source 
According to the specification, such an entry point may have different
data in bytes at offsets 0x0c to 0x17 (included).  In such a case,
interpreting them as the Structure Table Maximum Size and Address fields
could have catastrophic consequences.

Reviewed by:    imp, markj
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D49286

(cherry picked from commit 64fc51a9cf71b2308399b7b7dee8a9bc9468877b)
This commit is contained in:
Olivier Certner 2025-03-07 14:32:24 +01:00
parent 330f1a4281
commit 5feb3c8ea6
No known key found for this signature in database
GPG key ID: 8CA13040971E2627
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
stand/libsa/smbios.c
View file

@ -193,6 +193,13 @@ smbios_sigsearch(const caddr_t addr, const uint32_t len)
#ifdef SMBIOS_64BIT_EP
/* v3.0, 64-bit Entry point */
if (strncmp(cp, SMBIOS3_SIG, sizeof(SMBIOS3_SIG) - 1) == 0 &&
/*
* The specification only guarantees the presence of the
* Structure Table Maximum Size and Address Entry fields at
* offsets 0x0c and 0x10 if the Entry Point Revision is not
* 0.
*/
SMBIOS_GET8(cp, 0x0a) != 0 &&
smbios_checksum(cp, SMBIOS_GET8(cp, 0x06)) == 0) {
smbios.is_64bit_ep = 1;
return (cp);