bfbaafae85
dmi_num is a u16, dmi_len is a u32, so this construct:
dmi_num = dmi_len / 4;
would result in an integer overflow for a DMI table larger than
256 kB. I've never see such a large table so far, but SMBIOS 3.0
makes it possible so maybe we'll see such tables in the future.
So instead of faking a structure count when the entry point does
not provide it, adjust the loop condition in dmi_table() to properly
deal with the case where dmi_num is not set.
This bug was introduced with the initial SMBIOS 3.0 support in commit
|
||
---|---|---|
.. | ||
efi | ||
dcdbas.c | ||
dcdbas.h | ||
dell_rbu.c | ||
dmi-id.c | ||
dmi-sysfs.c | ||
dmi_scan.c | ||
edd.c | ||
iscsi_ibft.c | ||
iscsi_ibft_find.c | ||
Kconfig | ||
Makefile | ||
memmap.c | ||
pcdp.c | ||
pcdp.h |