lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 17 Feb 2013 00:57:24 -0500
From:	tmhikaru@...il.com
To:	Zhenzhong Duan <zhenzhong.duan@...cle.com>
Cc:	ben@...adent.org.uk, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] dmi_scan: Fix missing check for _DMI_ signature in
 smbios_present()

On Sat, Feb 16, 2013 at 06:35:04PM -0800, Zhenzhong Duan wrote:
> 
> ----- ben@...adent.org.uk wrote???
> 
> > Commit 9f9c9cbb6057 ('drivers/firmware/dmi_scan.c: fetch dmi version
> > from SMBIOS if it exists') hoisted the check for "_DMI_" into
> > dmi_scan_machine(), which means that we don't bother to check for
> > "_DMI_" at offset 16 in an SMBIOS entry.  smbios_present() may also
> > call dmi_present() for an address where we found "_SM_", if it failed
> > further validation.
> > 
> > Check for "_DMI_" in smbios_present() before calling dmi_present().
> > 
> > Reported-by: Tim McGrath <tmhikaru@...il.com>
> > Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
> > Cc: stable <stable@...r.kernel.org>
> > ---
> > This has a memcmp() that wasn't in the previous version, so I've not
> > included the Acked-by or Tested-by for that.
> Yes, the further "_DMI_" check is needed.
> Acked-by: Zhenzhong Duan <zhenzhong.duan@...cle.com>
> > 
> > Ben.
> > 
> >  drivers/firmware/dmi_scan.c |    5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> > 
> > diff --git a/drivers/firmware/dmi_scan.c
> > b/drivers/firmware/dmi_scan.c
> > index 982f1f5..a86ccff 100644
> > --- a/drivers/firmware/dmi_scan.c
> > +++ b/drivers/firmware/dmi_scan.c
> > @@ -442,7 +442,6 @@ static int __init dmi_present(const char __iomem
> > *p)
> >  static int __init smbios_present(const char __iomem *p)
> >  {
> >  	u8 buf[32];
> > -	int offset = 0;
> >  
> >  	memcpy_fromio(buf, p, 32);
> >  	if ((buf[5] < 32) && dmi_checksum(buf, buf[5])) {
> > @@ -461,9 +460,9 @@ static int __init smbios_present(const char
> > __iomem *p)
> >  			dmi_ver = 0x0206;
> >  			break;
> >  		}
> > -		offset = 16;
> > +		return memcmp(q + 16, "_DMI_", 5) || dmi_present(p + 16);
> >  	}
> > -	return dmi_present(buf + offset);
> > +	return 1;
> >  }
> >  
> >  void __init dmi_scan_machine(void)
I'm a little confused, do you need me to test something?
Tim McGrath

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ