| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Sep 2022 18:09:03 +0200
From: Jean Delvare <jdelvare@...e.de>
To: Andy Shevchenko <andy.shevchenko@...il.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH] firmware: dmi: Fortify entry point length checks
On Wed, 7 Sep 2022 18:48:03 +0300, Andy Shevchenko wrote:
> On Wed, Sep 7, 2022 at 6:21 PM Jean Delvare <jdelvare@...e.de> wrote:
> > On Wed, 7 Sep 2022 17:52:10 +0300, Andy Shevchenko wrote:
> > > "NOTE: This value was incorrectly stated in version 2.1 of this specification as
> > > 1Eh. Because of this, there might be version 2.1 implementations that
> > > use either the 1Eh or the 1Fh value, but version 2.2 or later
> > > implementations must use the 1Fh value."
> >
> > Good point, so maybe we should accept 0x1E and treat is silently as
> > 0x1F (which is what we have been doing implicitly so far) for maximum
> > compatibility?
>
> At least the previous comparison covers this case, if I'm not mistaken.
Before my proposed change, yes. After my proposed change, no longer.
Let's not risk a regression, I'll change the check to:
if (memcmp(buf, "_SM_", 4) == 0 &&
buf[5] >= 30 && buf[5] <= 32 &&
dmi_checksum(buf, buf[5])) {
I'll also add a comment stating why we are allowing length 30.
Thanks for the valuable feedback,
--
Jean Delvare
SUSE L3 Support
Powered by blists - more mailing lists