ABI of I8K_BIOS_VERSION ioctl can return only number. But new BIOS versions
contain also other characters, which does not fit into that ABI. So in case
of non digit values return -EINVAL.
Reported-by: Mario Limonciello <mario_limoncie...@dell.com>
Signed-off-by: Pali Rohár <pali.ro...@gmail.com>
---
drivers/hwmon/dell-smm-hwmon.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/hwmon/dell-smm-hwmon.c b/drivers/hwmon/dell-smm-hwmon.c
index c43318d..480b2fa 100644
--- a/drivers/hwmon/dell-smm-hwmon.c
+++ b/drivers/hwmon/dell-smm-hwmon.c
@@ -35,6 +35,7 @@
#include <linux/uaccess.h>
#include <linux/io.h>
#include <linux/sched.h>
+#include <linux/ctype.h>
#include <linux/i8k.h>
@@ -387,6 +388,10 @@ i8k_ioctl_unlocked(struct file *fp, unsigned int cmd,
unsigned long arg)
switch (cmd) {
case I8K_BIOS_VERSION:
+ if (!isdigit(bios_version[0]) || !isdigit(bios_version[1]) ||
+ !isdigit(bios_version[2]))
+ return -EINVAL;
+
val = (bios_version[0] << 16) |
(bios_version[1] << 8) | bios_version[2];
break;
--
1.7.9.5
