From owner-cvs-src-old@FreeBSD.ORG  Wed Jul 14 18:06:38 2010
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 89BBE1065677
	for <cvs-src-old@freebsd.org>; Wed, 14 Jul 2010 18:06:38 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 78A528FC1E
	for <cvs-src-old@freebsd.org>; Wed, 14 Jul 2010 18:06:38 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o6EI6chw084447
	for <cvs-src-old@freebsd.org>; Wed, 14 Jul 2010 18:06:38 GMT
	(envelope-from jhb@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o6EI6cLa084446
	for cvs-src-old@freebsd.org; Wed, 14 Jul 2010 18:06:38 GMT
	(envelope-from jhb@repoman.freebsd.org)
Message-Id: <201007141806.o6EI6cLa084446@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	jhb@repoman.freebsd.org using -f
From: John Baldwin <jhb@FreeBSD.org>
Date: Wed, 14 Jul 2010 18:06:21 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/dev/ipmi ipmi_smbios.c
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jul 2010 18:06:38 -0000

jhb         2010-07-14 18:06:21 UTC

  FreeBSD src repository

  Modified files:
    sys/dev/ipmi         ipmi_smbios.c 
  Log:
  SVN rev 210066 on 2010-07-14 18:06:21Z by jhb
  
  Rework the SMBIOS table walker to make it operate like other table walkers
  and remove a buffer overflow:
  - Remove the array of per-type dispatch functions.  Instead, pass each
    structure to a single callback.  The callback should check the type of
    each table entry to take appropriate action.  This matches the behavior
    of other table walkers such as for the MP Table and MADT.
  - Don't attempt to save an array of string pointers for each structure
    entry.  Instead, just skip the strings.  If this code is reused to
    provide a generic SMBIOS table walker in the future we could provide
    a method that looks up a specific string N for a given structure record
    instead of pre-populating an array of pointers.  This fixes a buffer
    overflow for structure entries with more than 20 strings.
  
  PR:             kern/148546
  Reported by:    Spencer Minear @ McAfee
  MFC after:      3 days
  
  Revision  Changes    Path
  1.6       +33 -49    src/sys/dev/ipmi/ipmi_smbios.c