The branch main has been updated by olce:
URL:
https://cgit.FreeBSD.org/src/commit/?id=516e24e57987d184cce70e7f31443653aa1a5e63
commit 516e24e57987d184cce70e7f31443653aa1a5e63
Author: Olivier Certner <o...@freebsd.org>
AuthorDate: 2025-03-03 14:25:23 +0000
Commit: Olivier Certner <o...@freebsd.org>
CommitDate: 2025-03-07 16:42:46 +0000
smbios: Harden decoding of the BCD revision
bcd2bin() must not be called with a value greater or equal to
LIBKERN_LEN_BCD2BIN.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
---
sys/dev/smbios/smbios.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/sys/dev/smbios/smbios.c b/sys/dev/smbios/smbios.c
index 2cc8e3ff21c4..ca329c0f65f6 100644
--- a/sys/dev/smbios/smbios.c
+++ b/sys/dev/smbios/smbios.c
@@ -241,18 +241,20 @@ smbios_attach (device_t dev)
"Docrev: %u, Entry Point Revision: %u\n",
sc->eps3->docrev, sc->eps3->entry_point_revision);
} else {
+ const struct smbios_eps *const eps = va;
+ const uint8_t bcd = eps->BCD_revision;
+
sc->eps = va;
device_printf(dev, "Entry point: v2.1 (32-bit), Version: %u.%u",
- sc->eps->major_version, sc->eps->minor_version);
- if (bcd2bin(sc->eps->BCD_revision))
+ eps->major_version, eps->minor_version);
+ if (bcd < LIBKERN_LEN_BCD2BIN && bcd2bin(bcd) != 0)
printf(", BCD Revision: %u.%u\n",
- bcd2bin(sc->eps->BCD_revision >> 4),
- bcd2bin(sc->eps->BCD_revision & 0x0f));
+ bcd2bin(bcd >> 4), bcd2bin(bcd & 0x0f));
else
printf("\n");
if (bootverbose)
device_printf(dev, "Entry Point Revision: %u\n",
- sc->eps->entry_point_revision);
+ eps->entry_point_revision);
}
return (0);
}
