| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 08 Jul 2009 09:03:25 +0200
From: Matthias Pfaller <leo@...co.de>
To: Jiri Slaby <jirislaby@...il.com>, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org,
"Eric W. Biederman" <ebiederm@...ssion.com>
Subject: Re: [PATCH 1/1] DMI: fix dmi_get_year year parsing
Jiri Slaby wrote:
> On 07/08/2009 08:46 AM, Matthias Pfaller wrote:
>> Jiri Slaby wrote:
>>> Don't guess a year number base. Use 10 instead, since year may
>>> be 2-digit starting with 0, so that we would end up in base equal
>>> to 8.
>>>
>>> Signed-off-by: Jiri Slaby <jirislaby@...il.com>
>>> Reported-by: Matthias Pfaller <leo@...co.de>
>>> ---
>>> drivers/firmware/dmi_scan.c | 2 +-
>>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>>
>>> diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c
>>> index 6071078..8fe0f6e 100644
>>> --- a/drivers/firmware/dmi_scan.c
>>> +++ b/drivers/firmware/dmi_scan.c
>>> @@ -611,7 +611,7 @@ int dmi_get_year(int field)
>>> return 0;
>>>
>>> s += 1;
>>> - year = simple_strtoul(s, NULL, 0);
>>> + year = simple_strtoul(s, NULL, 10);
>>> if (year && year < 100) { /* 2-digit year */
>>> year += 1900;
>>> if (year < 1996) /* no dates < spec 1.0 */
>> I just noticed, that this is not enough, because this will still fail
>> for xxx/xx/00. I suggest the following patch:
>
> Actually the patch below is not correct. Standard says consider xx/xx/yy
> as 19yy, not 20yy.
>
> BTW. the patch above is not useful, reporting 1908 and 1909 as a year is
> almost the same as 1900.
Sorry, I don't understand. simple_strtoul will return 8 for my bios. So
1900 will get added resulting in 1908 (as you said). But because 1908 is
still less than 1996 now 100 will get added which results in 2008 which
is what I need.
> Do you have such a broken BIOS?
Yes. Its on an etx-cd, an embedded board from kontron. dmidecode output:
Handle 0x0000, DMI type 0, 24 bytes
BIOS Information
Vendor: Phoenix Technologies LTD
Version: MCALR116
Release Date: 08/13/08
Address: 0xE3F90
Runtime Size: 114800 bytes
ROM Size: 1024 kB
Characteristics:
ISA is supported
PCI is supported
PC Card (PCMCIA) is supported
PNP is supported
BIOS is upgradeable
BIOS shadowing is allowed
ESCD support is available
Boot from CD is supported
ACPI is supported
USB legacy is supported
BIOS boot specification is supported
Our systems started to fail after we got boards with a newer bios from
our supplier...
>
>> --- drivers/firmware/dmi_scan.c.bak Wed Jul 8 02:42:04 2009
>> +++ drivers/firmware/dmi_scan.c Wed Jul 8 02:42:17 2009
>> @@ -360,12 +360,15 @@
>> return 0;
>>
>> s += 1;
>> - year = simple_strtoul(s, NULL, 0);
>> - if (year && year < 100) { /* 2-digit year */
>> - year += 1900;
>> - if (year < 1996) /* no dates < spec 1.0 */
>> - year += 100;
>> + if (s[0] == '0' && s[1] == '0' && s[2] == '\0') {
>> + year = 2000;
>> + } else {
>> + year = simple_strtoul(s, NULL, 10);
>> + if (year && year < 100) { /* 2-digit year */
>> + year += 1900;
>> + if (year < 1996) /* no dates < spec 1.0 */
>> + year += 100;
>> + }
>> }
>> -
>> return year;
>> }
>>
>
--
Matthias Pfaller Software Entwicklung
marco Systemanalyse und Entwicklung GmbH Tel +49 8131 5161 41
Hans-Böckler-Str. 2, D 85221 Dachau Fax +49 8131 5161 66
http://www.marco.de/ Email leo@...co.de
Geschäftsführer Martin Reuter HRB 171775 Amtsgericht München
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists