git: 5d9f1bf830db - stable/14 - smbios: Carefully print wrong entry point signature on identify

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Olivier Certner <olce_at_FreeBSD.org>
Date: Tue, 08 Apr 2025 13:40:55 UTC
The branch stable/14 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=5d9f1bf830dbd02f565cedc29f2663bd13565e8c

commit 5d9f1bf830dbd02f565cedc29f2663bd13565e8c
Author:     Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2025-03-03 09:30:00 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2025-04-08 13:38:24 +0000

    smbios: Carefully print wrong entry point signature on identify
    
    Using printf() with '%s' can lead to arbitrary long printing (although,
    usually, a NUL byte should appear quite quickly) and trying to print
    unprintable characters.
    
    Instead, print in hexadecimal the exact bytes that are compared to the
    expected signature.
    
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit bb04712e37723d112b2fad28af4b035ef35a25be)
---
 sys/dev/smbios/smbios.c | 41 +++++++++++++++++++++++++++++------------
 1 file changed, 29 insertions(+), 12 deletions(-)

diff --git a/sys/dev/smbios/smbios.c b/sys/dev/smbios/smbios.c
index 4a5305ea80c0..c8536d5f86c5 100644
--- a/sys/dev/smbios/smbios.c
+++ b/sys/dev/smbios/smbios.c
@@ -125,21 +125,13 @@ smbios_identify (driver_t *driver, device_t parent)
 	if (map_size == sizeof(*eps3)) {
 		eps3 = ptr;
 		length = eps3->length;
-		if (memcmp(eps3->anchor_string,
-		    SMBIOS3_SIG, SMBIOS3_LEN) != 0) {
-			printf("smbios3: corrupt sig %s found\n",
-			    eps3->anchor_string);
-			goto unmap_return;
-		}
+		if (memcmp(eps3->anchor_string, SMBIOS3_SIG, SMBIOS3_LEN) != 0)
+			goto corrupt_sig;
 	} else {
 		eps = ptr;
 		length = eps->length;
-		if (memcmp(eps->anchor_string,
-		    SMBIOS_SIG, SMBIOS_LEN) != 0) {
-			printf("smbios: corrupt sig %s found\n",
-			    eps->anchor_string);
-			goto unmap_return;
-		}
+		if (memcmp(eps->anchor_string, SMBIOS_SIG, SMBIOS_LEN) != 0)
+			goto corrupt_sig;
 	}
 	if (length != map_size) {
 		/*
@@ -168,6 +160,31 @@ smbios_identify (driver_t *driver, device_t parent)
 unmap_return:
 	pmap_unmapbios(ptr, map_size);
 	return;
+
+corrupt_sig:
+	{
+		const char *sig;
+	        const char *table_ver_str;
+		size_t i, end;
+
+		if (map_size == sizeof(*eps3)) {
+			sig = eps3->anchor_string;
+			table_ver_str = "64";
+			end = SMBIOS3_LEN;
+		} else {
+			sig = eps->anchor_string;
+			table_ver_str = "32";
+			end = SMBIOS_LEN;
+		}
+
+		/* Space after ':' printed by the loop. */
+		printf("smbios: %s-bit Entry Point: Corrupt signature (hex):",
+		    table_ver_str);
+		for (i = 0; i < end; ++i)
+			printf(" %02hhx", sig[i]);
+		printf("\n");
+	}
+	goto unmap_return;
 }
 
 static int