diff options
Diffstat (limited to 'meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch')
-rw-r--r-- | meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch | 198 |
1 files changed, 198 insertions, 0 deletions
diff --git a/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch new file mode 100644 index 0000000000..353c2553f5 --- /dev/null +++ b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch | |||
@@ -0,0 +1,198 @@ | |||
1 | From 58e8a07b1aef0e53af1642b30248255e53e42790 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jean Delvare <jdelvare@suse.de> | ||
3 | Date: Mon, 20 Feb 2023 14:53:25 +0100 | ||
4 | Subject: [PATCH] dmidecode: Write the whole dump file at once | ||
5 | |||
6 | When option --dump-bin is used, write the whole dump file at once, | ||
7 | instead of opening and closing the file separately for the table | ||
8 | and then for the entry point. | ||
9 | |||
10 | As the file writing function is no longer generic, it gets moved | ||
11 | from util.c to dmidecode.c. | ||
12 | |||
13 | One minor functional change resulting from the new implementation is | ||
14 | that the entry point is written first now, so the messages printed | ||
15 | are swapped. | ||
16 | |||
17 | CVE: CVE-2023-30630 | ||
18 | Upstream-Status: Backport [https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f38] | ||
19 | |||
20 | Backport Changes: | ||
21 | - In the file dmidecode.c, the commit [2241f1d] in v3.3 introduces | ||
22 | pr_info(). This is backported to printf() as per v3.2. | ||
23 | |||
24 | Signed-off-by: Jean Delvare <jdelvare@suse.de> | ||
25 | Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com> | ||
26 | (cherry picked from commit d8cfbc808f387e87091c25e7d5b8c2bb348bb206) | ||
27 | Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com> | ||
28 | |||
29 | --- | ||
30 | dmidecode.c | 69 +++++++++++++++++++++++++++++++++++++++-------------- | ||
31 | util.c | 40 ------------------------------- | ||
32 | util.h | 1 - | ||
33 | 3 files changed, 51 insertions(+), 59 deletions(-) | ||
34 | |||
35 | diff --git a/dmidecode.c b/dmidecode.c | ||
36 | index d6eedd1..b91e53b 100644 | ||
37 | --- a/dmidecode.c | ||
38 | +++ b/dmidecode.c | ||
39 | @@ -5094,11 +5094,56 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver | ||
40 | } | ||
41 | } | ||
42 | |||
43 | -static void dmi_table_dump(const u8 *buf, u32 len) | ||
44 | +static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table, | ||
45 | + u32 table_len) | ||
46 | { | ||
47 | + FILE *f; | ||
48 | + | ||
49 | + f = fopen(opt.dumpfile, "wb"); | ||
50 | + if (!f) | ||
51 | + { | ||
52 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
53 | + perror("fopen"); | ||
54 | + return -1; | ||
55 | + } | ||
56 | + | ||
57 | + if (!(opt.flags & FLAG_QUIET)) | ||
58 | + printf("# Writing %d bytes to %s.\n", ep_len, opt.dumpfile); | ||
59 | + if (fwrite(ep, ep_len, 1, f) != 1) | ||
60 | + { | ||
61 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
62 | + perror("fwrite"); | ||
63 | + goto err_close; | ||
64 | + } | ||
65 | + | ||
66 | + if (fseek(f, 32, SEEK_SET) != 0) | ||
67 | + { | ||
68 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
69 | + perror("fseek"); | ||
70 | + goto err_close; | ||
71 | + } | ||
72 | + | ||
73 | if (!(opt.flags & FLAG_QUIET)) | ||
74 | - printf("# Writing %d bytes to %s.\n", len, opt.dumpfile); | ||
75 | - write_dump(32, len, buf, opt.dumpfile, 0); | ||
76 | + printf("# Writing %d bytes to %s.\n", table_len, opt.dumpfile); | ||
77 | + if (fwrite(table, table_len, 1, f) != 1) | ||
78 | + { | ||
79 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
80 | + perror("fwrite"); | ||
81 | + goto err_close; | ||
82 | + } | ||
83 | + | ||
84 | + if (fclose(f)) | ||
85 | + { | ||
86 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
87 | + perror("fclose"); | ||
88 | + return -1; | ||
89 | + } | ||
90 | + | ||
91 | + return 0; | ||
92 | + | ||
93 | +err_close: | ||
94 | + fclose(f); | ||
95 | + return -1; | ||
96 | } | ||
97 | |||
98 | static void dmi_table_decode(u8 *buf, u32 len, u16 num, u16 ver, u32 flags) | ||
99 | @@ -5351,11 +5396,7 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) | ||
100 | memcpy(crafted, buf, 32); | ||
101 | overwrite_smbios3_address(crafted); | ||
102 | |||
103 | - dmi_table_dump(table, len); | ||
104 | - if (!(opt.flags & FLAG_QUIET)) | ||
105 | - printf("# Writing %d bytes to %s.\n", crafted[0x06], | ||
106 | - opt.dumpfile); | ||
107 | - write_dump(0, crafted[0x06], crafted, opt.dumpfile, 1); | ||
108 | + dmi_table_dump(crafted, crafted[0x06], table, len); | ||
109 | } | ||
110 | else | ||
111 | { | ||
112 | @@ -5427,11 +5468,7 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags) | ||
113 | memcpy(crafted, buf, 32); | ||
114 | overwrite_dmi_address(crafted + 0x10); | ||
115 | |||
116 | - dmi_table_dump(table, len); | ||
117 | - if (!(opt.flags & FLAG_QUIET)) | ||
118 | - printf("# Writing %d bytes to %s.\n", crafted[0x05], | ||
119 | - opt.dumpfile); | ||
120 | - write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); | ||
121 | + dmi_table_dump(crafted, crafted[0x05], table, len); | ||
122 | } | ||
123 | else | ||
124 | { | ||
125 | @@ -5472,11 +5509,7 @@ static int legacy_decode(u8 *buf, const char *devmem, u32 flags) | ||
126 | memcpy(crafted, buf, 16); | ||
127 | overwrite_dmi_address(crafted); | ||
128 | |||
129 | - dmi_table_dump(table, len); | ||
130 | - if (!(opt.flags & FLAG_QUIET)) | ||
131 | - printf("# Writing %d bytes to %s.\n", 0x0F, | ||
132 | - opt.dumpfile); | ||
133 | - write_dump(0, 0x0F, crafted, opt.dumpfile, 1); | ||
134 | + dmi_table_dump(crafted, 0x0F, table, len); | ||
135 | } | ||
136 | else | ||
137 | { | ||
138 | diff --git a/util.c b/util.c | ||
139 | index eeffdae..2e1931c 100644 | ||
140 | --- a/util.c | ||
141 | +++ b/util.c | ||
142 | @@ -247,46 +247,6 @@ out: | ||
143 | return p; | ||
144 | } | ||
145 | |||
146 | -int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add) | ||
147 | -{ | ||
148 | - FILE *f; | ||
149 | - | ||
150 | - f = fopen(dumpfile, add ? "r+b" : "wb"); | ||
151 | - if (!f) | ||
152 | - { | ||
153 | - fprintf(stderr, "%s: ", dumpfile); | ||
154 | - perror("fopen"); | ||
155 | - return -1; | ||
156 | - } | ||
157 | - | ||
158 | - if (fseek(f, base, SEEK_SET) != 0) | ||
159 | - { | ||
160 | - fprintf(stderr, "%s: ", dumpfile); | ||
161 | - perror("fseek"); | ||
162 | - goto err_close; | ||
163 | - } | ||
164 | - | ||
165 | - if (fwrite(data, len, 1, f) != 1) | ||
166 | - { | ||
167 | - fprintf(stderr, "%s: ", dumpfile); | ||
168 | - perror("fwrite"); | ||
169 | - goto err_close; | ||
170 | - } | ||
171 | - | ||
172 | - if (fclose(f)) | ||
173 | - { | ||
174 | - fprintf(stderr, "%s: ", dumpfile); | ||
175 | - perror("fclose"); | ||
176 | - return -1; | ||
177 | - } | ||
178 | - | ||
179 | - return 0; | ||
180 | - | ||
181 | -err_close: | ||
182 | - fclose(f); | ||
183 | - return -1; | ||
184 | -} | ||
185 | - | ||
186 | /* Returns end - start + 1, assuming start < end */ | ||
187 | u64 u64_range(u64 start, u64 end) | ||
188 | { | ||
189 | diff --git a/util.h b/util.h | ||
190 | index 3094cf8..ef24eb9 100644 | ||
191 | --- a/util.h | ||
192 | +++ b/util.h | ||
193 | @@ -27,5 +27,4 @@ | ||
194 | int checksum(const u8 *buf, size_t len); | ||
195 | void *read_file(off_t base, size_t *len, const char *filename); | ||
196 | void *mem_chunk(off_t base, size_t len, const char *devmem); | ||
197 | -int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add); | ||
198 | u64 u64_range(u64 start, u64 end); | ||