Fix a potential (but highly improbable) buffer overrun in the VPD record

decoding.
author: Jean Delvare <jdelvare@suse.de> 2005-10-03 17:43:03 +0000
committer: Jean Delvare <jdelvare@suse.de> 2005-10-03 17:43:03 +0000
commit: fdeb056b9c68757d823917abc83ed6de10bdf186 (patch)
tree: 4f3d450edc4b1ce56f138dc88fa43bf6edced186 /biosdecode.c
parent: 61eb682833bac7678e072a336337f27ddbee7e23 (diff)
download: dmidecode-git-fdeb056b9c68757d823917abc83ed6de10bdf186.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/biosdecode.c b/biosdecode.c
index 68f47e5..e2df7a2 100644
--- a/biosdecode.c
+++ b/biosdecode.c
@@ -459,12 +459,15 @@ static size_t vpd_length(const u8 *p)
 
 static int vpd_decode(const u8 *p, size_t len)
 {
+	if(len<0x30)
+		return 0;
+
 	/* XSeries have longer records. */
 	if(!(len>=0x46 && checksum(p, 0x46))
 	/* Some Netvista seem to work with this. */
-	&& !(checksum(p, 0x30))
+	&& !checksum(p, 0x30)
 	/* The Thinkpad checksum does *not* include the first 13 bytes. */
-	&& !(len>=0x30 && checksum(p+0x0D, 0x30-0x0D)))
+	&& !checksum(p+0x0D, 0x30-0x0D))
 		return 0;
 	
 	printf("VPD present.\n");
author	Jean Delvare <jdelvare@suse.de>	2005-10-03 17:43:03 +0000
committer	Jean Delvare <jdelvare@suse.de>	2005-10-03 17:43:03 +0000
commit	fdeb056b9c68757d823917abc83ed6de10bdf186 (patch)
tree	4f3d450edc4b1ce56f138dc88fa43bf6edced186 /biosdecode.c
parent	61eb682833bac7678e072a336337f27ddbee7e23 (diff)
download	dmidecode-git-fdeb056b9c68757d823917abc83ed6de10bdf186.tar.gz