diff options
Diffstat (limited to 'meta/recipes-devtools/dmidecode')
4 files changed, 500 insertions, 0 deletions
diff --git a/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p1.patch b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p1.patch new file mode 100644 index 0000000000..f1d449acbe --- /dev/null +++ b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p1.patch | |||
@@ -0,0 +1,236 @@ | |||
1 | From 24def311c6168d0dfb7c5f0f183b72b709c49265 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jean Delvare <jdelvare@suse.de> | ||
3 | Date: Mon, 20 Feb 2023 14:53:21 +0100 | ||
4 | Subject: [PATCH] dmidecode: Split table fetching from decoding | ||
5 | |||
6 | Clean up function dmi_table so that it does only one thing: | ||
7 | * dmi_table() is renamed to dmi_table_get(). It now retrieves the | ||
8 | DMI table, but does not process it any longer. | ||
9 | * Decoding or dumping the table is now done in smbios3_decode(), | ||
10 | smbios_decode() and legacy_decode(). | ||
11 | No functional change. | ||
12 | |||
13 | A side effect of this change is that writing the header and body of | ||
14 | dump files is now done in a single location. This is required to | ||
15 | further consolidate the writing of dump files. | ||
16 | |||
17 | CVE-ID: CVE-2023-30630 | ||
18 | Upstream-Status: Backport [https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=39b2dd7b6ab7] | ||
19 | |||
20 | Backport Changes: | ||
21 | - In the file dmidecode.c, the commit [dd593d2] in v3.3 introduces | ||
22 | pr_info(). This is backported to printf() as per v3.2. | ||
23 | |||
24 | Signed-off-by: Jean Delvare <jdelvare@suse.de> | ||
25 | Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com> | ||
26 | (cherry picked from commit 39b2dd7b6ab719b920e96ed832cfb4bdd664e808) | ||
27 | Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com> | ||
28 | --- | ||
29 | dmidecode.c | 86 ++++++++++++++++++++++++++++++++++++++--------------- | ||
30 | 1 file changed, 62 insertions(+), 24 deletions(-) | ||
31 | |||
32 | diff --git a/dmidecode.c b/dmidecode.c | ||
33 | index a3e9d6c..d6eedd1 100644 | ||
34 | --- a/dmidecode.c | ||
35 | +++ b/dmidecode.c | ||
36 | @@ -5211,8 +5211,9 @@ static void dmi_table_decode(u8 *buf, u32 len, u16 num, u16 ver, u32 flags) | ||
37 | } | ||
38 | } | ||
39 | |||
40 | -static void dmi_table(off_t base, u32 len, u16 num, u32 ver, const char *devmem, | ||
41 | - u32 flags) | ||
42 | +/* Allocates a buffer for the table, must be freed by the caller */ | ||
43 | +static u8 *dmi_table_get(off_t base, u32 *len, u16 num, u32 ver, | ||
44 | + const char *devmem, u32 flags) | ||
45 | { | ||
46 | u8 *buf; | ||
47 | |||
48 | @@ -5231,7 +5232,7 @@ static void dmi_table(off_t base, u32 len, u16 num, u32 ver, const char *devmem, | ||
49 | { | ||
50 | if (num) | ||
51 | printf("%u structures occupying %u bytes.\n", | ||
52 | - num, len); | ||
53 | + num, *len); | ||
54 | if (!(opt.flags & FLAG_FROM_DUMP)) | ||
55 | printf("Table at 0x%08llX.\n", | ||
56 | (unsigned long long)base); | ||
57 | @@ -5249,19 +5250,19 @@ static void dmi_table(off_t base, u32 len, u16 num, u32 ver, const char *devmem, | ||
58 | * would be the result of the kernel truncating the table on | ||
59 | * parse error. | ||
60 | */ | ||
61 | - size_t size = len; | ||
62 | + size_t size = *len; | ||
63 | buf = read_file(flags & FLAG_NO_FILE_OFFSET ? 0 : base, | ||
64 | &size, devmem); | ||
65 | - if (!(opt.flags & FLAG_QUIET) && num && size != (size_t)len) | ||
66 | + if (!(opt.flags & FLAG_QUIET) && num && size != (size_t)*len) | ||
67 | { | ||
68 | fprintf(stderr, "Wrong DMI structures length: %u bytes " | ||
69 | "announced, only %lu bytes available.\n", | ||
70 | - len, (unsigned long)size); | ||
71 | + *len, (unsigned long)size); | ||
72 | } | ||
73 | - len = size; | ||
74 | + *len = size; | ||
75 | } | ||
76 | else | ||
77 | - buf = mem_chunk(base, len, devmem); | ||
78 | + buf = mem_chunk(base, *len, devmem); | ||
79 | |||
80 | if (buf == NULL) | ||
81 | { | ||
82 | @@ -5271,15 +5272,9 @@ static void dmi_table(off_t base, u32 len, u16 num, u32 ver, const char *devmem, | ||
83 | fprintf(stderr, | ||
84 | "Try compiling dmidecode with -DUSE_MMAP.\n"); | ||
85 | #endif | ||
86 | - return; | ||
87 | } | ||
88 | |||
89 | - if (opt.flags & FLAG_DUMP_BIN) | ||
90 | - dmi_table_dump(buf, len); | ||
91 | - else | ||
92 | - dmi_table_decode(buf, len, num, ver >> 8, flags); | ||
93 | - | ||
94 | - free(buf); | ||
95 | + return buf; | ||
96 | } | ||
97 | |||
98 | |||
99 | @@ -5314,8 +5309,9 @@ static void overwrite_smbios3_address(u8 *buf) | ||
100 | |||
101 | static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) | ||
102 | { | ||
103 | - u32 ver; | ||
104 | + u32 ver, len; | ||
105 | u64 offset; | ||
106 | + u8 *table; | ||
107 | |||
108 | /* Don't let checksum run beyond the buffer */ | ||
109 | if (buf[0x06] > 0x20) | ||
110 | @@ -5341,8 +5337,12 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) | ||
111 | return 0; | ||
112 | } | ||
113 | |||
114 | - dmi_table(((off_t)offset.h << 32) | offset.l, | ||
115 | - DWORD(buf + 0x0C), 0, ver, devmem, flags | FLAG_STOP_AT_EOT); | ||
116 | + /* Maximum length, may get trimmed */ | ||
117 | + len = DWORD(buf + 0x0C); | ||
118 | + table = dmi_table_get(((off_t)offset.h << 32) | offset.l, &len, 0, ver, | ||
119 | + devmem, flags | FLAG_STOP_AT_EOT); | ||
120 | + if (table == NULL) | ||
121 | + return 1; | ||
122 | |||
123 | if (opt.flags & FLAG_DUMP_BIN) | ||
124 | { | ||
125 | @@ -5351,18 +5351,28 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) | ||
126 | memcpy(crafted, buf, 32); | ||
127 | overwrite_smbios3_address(crafted); | ||
128 | |||
129 | + dmi_table_dump(table, len); | ||
130 | if (!(opt.flags & FLAG_QUIET)) | ||
131 | printf("# Writing %d bytes to %s.\n", crafted[0x06], | ||
132 | opt.dumpfile); | ||
133 | write_dump(0, crafted[0x06], crafted, opt.dumpfile, 1); | ||
134 | } | ||
135 | + else | ||
136 | + { | ||
137 | + dmi_table_decode(table, len, 0, ver >> 8, | ||
138 | + flags | FLAG_STOP_AT_EOT); | ||
139 | + } | ||
140 | + | ||
141 | + free(table); | ||
142 | |||
143 | return 1; | ||
144 | } | ||
145 | |||
146 | static int smbios_decode(u8 *buf, const char *devmem, u32 flags) | ||
147 | { | ||
148 | - u16 ver; | ||
149 | + u16 ver, num; | ||
150 | + u32 len; | ||
151 | + u8 *table; | ||
152 | |||
153 | /* Don't let checksum run beyond the buffer */ | ||
154 | if (buf[0x05] > 0x20) | ||
155 | @@ -5402,8 +5412,13 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags) | ||
156 | printf("SMBIOS %u.%u present.\n", | ||
157 | ver >> 8, ver & 0xFF); | ||
158 | |||
159 | - dmi_table(DWORD(buf + 0x18), WORD(buf + 0x16), WORD(buf + 0x1C), | ||
160 | - ver << 8, devmem, flags); | ||
161 | + /* Maximum length, may get trimmed */ | ||
162 | + len = WORD(buf + 0x16); | ||
163 | + num = WORD(buf + 0x1C); | ||
164 | + table = dmi_table_get(DWORD(buf + 0x18), &len, num, ver << 8, | ||
165 | + devmem, flags); | ||
166 | + if (table == NULL) | ||
167 | + return 1; | ||
168 | |||
169 | if (opt.flags & FLAG_DUMP_BIN) | ||
170 | { | ||
171 | @@ -5412,27 +5427,43 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags) | ||
172 | memcpy(crafted, buf, 32); | ||
173 | overwrite_dmi_address(crafted + 0x10); | ||
174 | |||
175 | + dmi_table_dump(table, len); | ||
176 | if (!(opt.flags & FLAG_QUIET)) | ||
177 | printf("# Writing %d bytes to %s.\n", crafted[0x05], | ||
178 | opt.dumpfile); | ||
179 | write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); | ||
180 | } | ||
181 | + else | ||
182 | + { | ||
183 | + dmi_table_decode(table, len, num, ver, flags); | ||
184 | + } | ||
185 | + | ||
186 | + free(table); | ||
187 | |||
188 | return 1; | ||
189 | } | ||
190 | |||
191 | static int legacy_decode(u8 *buf, const char *devmem, u32 flags) | ||
192 | { | ||
193 | + u16 ver, num; | ||
194 | + u32 len; | ||
195 | + u8 *table; | ||
196 | + | ||
197 | if (!checksum(buf, 0x0F)) | ||
198 | return 0; | ||
199 | |||
200 | + ver = ((buf[0x0E] & 0xF0) << 4) + (buf[0x0E] & 0x0F); | ||
201 | if (!(opt.flags & FLAG_QUIET)) | ||
202 | printf("Legacy DMI %u.%u present.\n", | ||
203 | buf[0x0E] >> 4, buf[0x0E] & 0x0F); | ||
204 | |||
205 | - dmi_table(DWORD(buf + 0x08), WORD(buf + 0x06), WORD(buf + 0x0C), | ||
206 | - ((buf[0x0E] & 0xF0) << 12) + ((buf[0x0E] & 0x0F) << 8), | ||
207 | - devmem, flags); | ||
208 | + /* Maximum length, may get trimmed */ | ||
209 | + len = WORD(buf + 0x06); | ||
210 | + num = WORD(buf + 0x0C); | ||
211 | + table = dmi_table_get(DWORD(buf + 0x08), &len, num, ver << 8, | ||
212 | + devmem, flags); | ||
213 | + if (table == NULL) | ||
214 | + return 1; | ||
215 | |||
216 | if (opt.flags & FLAG_DUMP_BIN) | ||
217 | { | ||
218 | @@ -5441,11 +5472,18 @@ static int legacy_decode(u8 *buf, const char *devmem, u32 flags) | ||
219 | memcpy(crafted, buf, 16); | ||
220 | overwrite_dmi_address(crafted); | ||
221 | |||
222 | + dmi_table_dump(table, len); | ||
223 | if (!(opt.flags & FLAG_QUIET)) | ||
224 | printf("# Writing %d bytes to %s.\n", 0x0F, | ||
225 | opt.dumpfile); | ||
226 | write_dump(0, 0x0F, crafted, opt.dumpfile, 1); | ||
227 | } | ||
228 | + else | ||
229 | + { | ||
230 | + dmi_table_decode(table, len, num, ver, flags); | ||
231 | + } | ||
232 | + | ||
233 | + free(table); | ||
234 | |||
235 | return 1; | ||
236 | } | ||
diff --git a/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch new file mode 100644 index 0000000000..353c2553f5 --- /dev/null +++ b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630-dependent_p2.patch | |||
@@ -0,0 +1,198 @@ | |||
1 | From 58e8a07b1aef0e53af1642b30248255e53e42790 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jean Delvare <jdelvare@suse.de> | ||
3 | Date: Mon, 20 Feb 2023 14:53:25 +0100 | ||
4 | Subject: [PATCH] dmidecode: Write the whole dump file at once | ||
5 | |||
6 | When option --dump-bin is used, write the whole dump file at once, | ||
7 | instead of opening and closing the file separately for the table | ||
8 | and then for the entry point. | ||
9 | |||
10 | As the file writing function is no longer generic, it gets moved | ||
11 | from util.c to dmidecode.c. | ||
12 | |||
13 | One minor functional change resulting from the new implementation is | ||
14 | that the entry point is written first now, so the messages printed | ||
15 | are swapped. | ||
16 | |||
17 | CVE: CVE-2023-30630 | ||
18 | Upstream-Status: Backport [https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f38] | ||
19 | |||
20 | Backport Changes: | ||
21 | - In the file dmidecode.c, the commit [2241f1d] in v3.3 introduces | ||
22 | pr_info(). This is backported to printf() as per v3.2. | ||
23 | |||
24 | Signed-off-by: Jean Delvare <jdelvare@suse.de> | ||
25 | Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com> | ||
26 | (cherry picked from commit d8cfbc808f387e87091c25e7d5b8c2bb348bb206) | ||
27 | Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com> | ||
28 | |||
29 | --- | ||
30 | dmidecode.c | 69 +++++++++++++++++++++++++++++++++++++++-------------- | ||
31 | util.c | 40 ------------------------------- | ||
32 | util.h | 1 - | ||
33 | 3 files changed, 51 insertions(+), 59 deletions(-) | ||
34 | |||
35 | diff --git a/dmidecode.c b/dmidecode.c | ||
36 | index d6eedd1..b91e53b 100644 | ||
37 | --- a/dmidecode.c | ||
38 | +++ b/dmidecode.c | ||
39 | @@ -5094,11 +5094,56 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver | ||
40 | } | ||
41 | } | ||
42 | |||
43 | -static void dmi_table_dump(const u8 *buf, u32 len) | ||
44 | +static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table, | ||
45 | + u32 table_len) | ||
46 | { | ||
47 | + FILE *f; | ||
48 | + | ||
49 | + f = fopen(opt.dumpfile, "wb"); | ||
50 | + if (!f) | ||
51 | + { | ||
52 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
53 | + perror("fopen"); | ||
54 | + return -1; | ||
55 | + } | ||
56 | + | ||
57 | + if (!(opt.flags & FLAG_QUIET)) | ||
58 | + printf("# Writing %d bytes to %s.\n", ep_len, opt.dumpfile); | ||
59 | + if (fwrite(ep, ep_len, 1, f) != 1) | ||
60 | + { | ||
61 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
62 | + perror("fwrite"); | ||
63 | + goto err_close; | ||
64 | + } | ||
65 | + | ||
66 | + if (fseek(f, 32, SEEK_SET) != 0) | ||
67 | + { | ||
68 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
69 | + perror("fseek"); | ||
70 | + goto err_close; | ||
71 | + } | ||
72 | + | ||
73 | if (!(opt.flags & FLAG_QUIET)) | ||
74 | - printf("# Writing %d bytes to %s.\n", len, opt.dumpfile); | ||
75 | - write_dump(32, len, buf, opt.dumpfile, 0); | ||
76 | + printf("# Writing %d bytes to %s.\n", table_len, opt.dumpfile); | ||
77 | + if (fwrite(table, table_len, 1, f) != 1) | ||
78 | + { | ||
79 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
80 | + perror("fwrite"); | ||
81 | + goto err_close; | ||
82 | + } | ||
83 | + | ||
84 | + if (fclose(f)) | ||
85 | + { | ||
86 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
87 | + perror("fclose"); | ||
88 | + return -1; | ||
89 | + } | ||
90 | + | ||
91 | + return 0; | ||
92 | + | ||
93 | +err_close: | ||
94 | + fclose(f); | ||
95 | + return -1; | ||
96 | } | ||
97 | |||
98 | static void dmi_table_decode(u8 *buf, u32 len, u16 num, u16 ver, u32 flags) | ||
99 | @@ -5351,11 +5396,7 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) | ||
100 | memcpy(crafted, buf, 32); | ||
101 | overwrite_smbios3_address(crafted); | ||
102 | |||
103 | - dmi_table_dump(table, len); | ||
104 | - if (!(opt.flags & FLAG_QUIET)) | ||
105 | - printf("# Writing %d bytes to %s.\n", crafted[0x06], | ||
106 | - opt.dumpfile); | ||
107 | - write_dump(0, crafted[0x06], crafted, opt.dumpfile, 1); | ||
108 | + dmi_table_dump(crafted, crafted[0x06], table, len); | ||
109 | } | ||
110 | else | ||
111 | { | ||
112 | @@ -5427,11 +5468,7 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags) | ||
113 | memcpy(crafted, buf, 32); | ||
114 | overwrite_dmi_address(crafted + 0x10); | ||
115 | |||
116 | - dmi_table_dump(table, len); | ||
117 | - if (!(opt.flags & FLAG_QUIET)) | ||
118 | - printf("# Writing %d bytes to %s.\n", crafted[0x05], | ||
119 | - opt.dumpfile); | ||
120 | - write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); | ||
121 | + dmi_table_dump(crafted, crafted[0x05], table, len); | ||
122 | } | ||
123 | else | ||
124 | { | ||
125 | @@ -5472,11 +5509,7 @@ static int legacy_decode(u8 *buf, const char *devmem, u32 flags) | ||
126 | memcpy(crafted, buf, 16); | ||
127 | overwrite_dmi_address(crafted); | ||
128 | |||
129 | - dmi_table_dump(table, len); | ||
130 | - if (!(opt.flags & FLAG_QUIET)) | ||
131 | - printf("# Writing %d bytes to %s.\n", 0x0F, | ||
132 | - opt.dumpfile); | ||
133 | - write_dump(0, 0x0F, crafted, opt.dumpfile, 1); | ||
134 | + dmi_table_dump(crafted, 0x0F, table, len); | ||
135 | } | ||
136 | else | ||
137 | { | ||
138 | diff --git a/util.c b/util.c | ||
139 | index eeffdae..2e1931c 100644 | ||
140 | --- a/util.c | ||
141 | +++ b/util.c | ||
142 | @@ -247,46 +247,6 @@ out: | ||
143 | return p; | ||
144 | } | ||
145 | |||
146 | -int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add) | ||
147 | -{ | ||
148 | - FILE *f; | ||
149 | - | ||
150 | - f = fopen(dumpfile, add ? "r+b" : "wb"); | ||
151 | - if (!f) | ||
152 | - { | ||
153 | - fprintf(stderr, "%s: ", dumpfile); | ||
154 | - perror("fopen"); | ||
155 | - return -1; | ||
156 | - } | ||
157 | - | ||
158 | - if (fseek(f, base, SEEK_SET) != 0) | ||
159 | - { | ||
160 | - fprintf(stderr, "%s: ", dumpfile); | ||
161 | - perror("fseek"); | ||
162 | - goto err_close; | ||
163 | - } | ||
164 | - | ||
165 | - if (fwrite(data, len, 1, f) != 1) | ||
166 | - { | ||
167 | - fprintf(stderr, "%s: ", dumpfile); | ||
168 | - perror("fwrite"); | ||
169 | - goto err_close; | ||
170 | - } | ||
171 | - | ||
172 | - if (fclose(f)) | ||
173 | - { | ||
174 | - fprintf(stderr, "%s: ", dumpfile); | ||
175 | - perror("fclose"); | ||
176 | - return -1; | ||
177 | - } | ||
178 | - | ||
179 | - return 0; | ||
180 | - | ||
181 | -err_close: | ||
182 | - fclose(f); | ||
183 | - return -1; | ||
184 | -} | ||
185 | - | ||
186 | /* Returns end - start + 1, assuming start < end */ | ||
187 | u64 u64_range(u64 start, u64 end) | ||
188 | { | ||
189 | diff --git a/util.h b/util.h | ||
190 | index 3094cf8..ef24eb9 100644 | ||
191 | --- a/util.h | ||
192 | +++ b/util.h | ||
193 | @@ -27,5 +27,4 @@ | ||
194 | int checksum(const u8 *buf, size_t len); | ||
195 | void *read_file(off_t base, size_t *len, const char *filename); | ||
196 | void *mem_chunk(off_t base, size_t len, const char *devmem); | ||
197 | -int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add); | ||
198 | u64 u64_range(u64 start, u64 end); | ||
diff --git a/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630.patch b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630.patch new file mode 100644 index 0000000000..bf4d060c8c --- /dev/null +++ b/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630.patch | |||
@@ -0,0 +1,62 @@ | |||
1 | From b7dacccff32294ea522df32a9391d0218e7600ea Mon Sep 17 00:00:00 2001 | ||
2 | From: Jean Delvare <jdelvare@suse.de> | ||
3 | Date: Mon, 20 Feb 2023 14:53:31 +0100 | ||
4 | Subject: [PATCH] dmidecode: Do not let --dump-bin overwrite an existing file | ||
5 | |||
6 | Make sure that the file passed to option --dump-bin does not already | ||
7 | exist. In practice, it is rather unlikely that an honest user would | ||
8 | want to overwrite an existing dump file, while this possibility | ||
9 | could be used by a rogue user to corrupt a system file. | ||
10 | |||
11 | CVE: CVE-2023-30630 | ||
12 | Upstream-Status: Backport [https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c] | ||
13 | |||
14 | Backport Changes: | ||
15 | - Ignored changes in man/dmidecode.8 file. | ||
16 | |||
17 | Signed-off-by: Jean Delvare <jdelvare@suse.de> | ||
18 | Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com> | ||
19 | (cherry picked from commit 6ca381c1247c81f74e1ca4e7706f70bdda72e6f2) | ||
20 | Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com> | ||
21 | |||
22 | --- | ||
23 | dmidecode.c | 14 ++++++++++++-- | ||
24 | 1 file changed, 12 insertions(+), 2 deletions(-) | ||
25 | |||
26 | diff --git a/dmidecode.c b/dmidecode.c | ||
27 | index b91e53b..846d9a1 100644 | ||
28 | --- a/dmidecode.c | ||
29 | +++ b/dmidecode.c | ||
30 | @@ -60,6 +60,7 @@ | ||
31 | * https://www.dmtf.org/sites/default/files/DSP0270_1.0.1.pdf | ||
32 | */ | ||
33 | |||
34 | +#include <fcntl.h> | ||
35 | #include <stdio.h> | ||
36 | #include <string.h> | ||
37 | #include <strings.h> | ||
38 | @@ -5097,13 +5098,22 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver | ||
39 | static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table, | ||
40 | u32 table_len) | ||
41 | { | ||
42 | + int fd; | ||
43 | FILE *f; | ||
44 | |||
45 | - f = fopen(opt.dumpfile, "wb"); | ||
46 | + fd = open(opt.dumpfile, O_WRONLY|O_CREAT|O_EXCL, 0666); | ||
47 | + if (fd == -1) | ||
48 | + { | ||
49 | + fprintf(stderr, "%s: ", opt.dumpfile); | ||
50 | + perror("open"); | ||
51 | + return -1; | ||
52 | + } | ||
53 | + | ||
54 | + f = fdopen(fd, "wb"); | ||
55 | if (!f) | ||
56 | { | ||
57 | fprintf(stderr, "%s: ", opt.dumpfile); | ||
58 | - perror("fopen"); | ||
59 | + perror("fdopen"); | ||
60 | return -1; | ||
61 | } | ||
62 | |||
diff --git a/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb b/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb index 63f4061cb7..1e7c38dc8a 100644 --- a/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb +++ b/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb | |||
@@ -1,10 +1,14 @@ | |||
1 | SUMMARY = "DMI (Desktop Management Interface) table related utilities" | 1 | SUMMARY = "DMI (Desktop Management Interface) table related utilities" |
2 | HOMEPAGE = "http://www.nongnu.org/dmidecode/" | 2 | HOMEPAGE = "http://www.nongnu.org/dmidecode/" |
3 | DESCRIPTION = "Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard (see a sample output)." | ||
3 | LICENSE = "GPLv2" | 4 | LICENSE = "GPLv2" |
4 | LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" | 5 | LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" |
5 | 6 | ||
6 | SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \ | 7 | SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \ |
7 | file://0001-Committing-changes-from-do_unpack_extra.patch \ | 8 | file://0001-Committing-changes-from-do_unpack_extra.patch \ |
9 | file://CVE-2023-30630-dependent_p1.patch \ | ||
10 | file://CVE-2023-30630-dependent_p2.patch \ | ||
11 | file://CVE-2023-30630.patch \ | ||
8 | " | 12 | " |
9 | 13 | ||
10 | COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux" | 14 | COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux" |