dmidecode: fixup for CVE-2023-30630
The previous CVE-2023-30630_1.patch picked only the patch
"dmidecode: Write the whole dump file at once"
d8cfbc808f.
But there was a refactoring which does not allow to cherry-pick it fast
forward. Resolving this conflict was not correctly done. The patch was:
+ u32 len;
+ u8 *table;
...
- if (!(opt.flags & FLAG_QUIET))
- pr_comment("Writing %d bytes to %s.", crafted[0x05],
- opt.dumpfile);
- write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1);
+ dmi_table_dump(crafted, crafted[0x05], table, len);
It looks like the variables len and table have been added without
initialization.
Now this problem is solved by applying the previous refactoring as
well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are
rebased without changes.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
projects / thirdparty / openembedded / openembedded-core.git / commit
