| /OK3568_Linux_fs/buildroot/package/ipmitool/ |
| H A D | 0008-fru-Fix-buffer-overflow-vulnerabilities.patch | 4 Subject: [PATCH] fru: Fix buffer overflow vulnerabilities
29 read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
40 @@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
43 if (finish > fru->size) {
44 + memset(frubuf + fru->size, 0, length - fru->size);
45 finish = fru->size;
53 @@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
59 tmp = fru->access ? off >> 1 : off;
61 @@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
64 tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
[all …]
|
| H A D | 0013-fru-sdr-Fix-id_string-buffer-overflows.patch | 4 Subject: [PATCH] fru, sdr: Fix id_string buffer overflows
34 @@ -3062,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru)
38 - memcpy(desc, fru->id_string, fru->id_code & 0x01f);
39 + memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc)));
40 desc[fru->id_code & 0x01f] = 0;
41 printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id);
78 - snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string);
79 + snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string);
|
| H A D | 0009-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch | 4 Subject: [PATCH] fru: Fix buffer overflow in ipmi_spd_print_fru
11 made to get the `fru.size`, which is used as the size for the allocation
29 struct fru_info fru;
42 + || len > fru.size - offset)
49 } while (offset < fru.size);
|
| /OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/ |
| H A D | 0001-fru-Fix-buffer-overflow-vulnerabilities.patch | 4 Subject: [PATCH] fru: Fix buffer overflow vulnerabilities
30 read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
41 @@ -676,10 +679,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
44 if (finish > fru->size) {
45 + memset(frubuf + fru->size, 0, length - fru->size);
46 finish = fru->size;
54 @@ -715,6 +720,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
60 tmp = fru->access ? off >> 1 : off;
62 @@ -756,9 +762,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
65 tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
[all …]
|
| H A D | 0005-fru-sdr-Fix-id_string-buffer-overflows.patch | 4 Subject: [PATCH 5/5] fru, sdr: Fix id_string buffer overflows
35 @@ -3038,7 +3038,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru)
39 - memcpy(desc, fru->id_string, fru->id_code & 0x01f);
40 + memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc)));
41 desc[fru->id_code & 0x01f] = 0;
42 printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id);
79 - snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string);
80 + snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string);
|
| H A D | 0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch | 4 Subject: [PATCH 1/5] fru: Fix buffer overflow in ipmi_spd_print_fru
11 made to get the `fru.size`, which is used as the size for the allocation
30 struct fru_info fru;
43 + || len > fru.size - offset)
50 } while (offset < fru.size);
|
| /OK3568_Linux_fs/kernel/drivers/scsi/bfa/ |
| H A D | bfa_ioc.c | 6188 struct bfa_fru_s *fru = cbarg; in bfa_fru_notify() local
6190 bfa_trc(fru, event); in bfa_fru_notify()
6195 if (fru->op_busy) { in bfa_fru_notify()
6196 fru->status = BFA_STATUS_IOC_FAILURE; in bfa_fru_notify()
6197 fru->cbfn(fru->cbarg, fru->status); in bfa_fru_notify()
6198 fru->op_busy = 0; in bfa_fru_notify()
6215 struct bfa_fru_s *fru = cbarg; in bfa_fru_write_send() local
6217 (struct bfi_fru_write_req_s *) fru->mb.msg; in bfa_fru_write_send()
6220 msg->offset = cpu_to_be32(fru->addr_off + fru->offset); in bfa_fru_write_send()
6221 len = (fru->residue < BFA_FRU_DMA_BUF_SZ) ? in bfa_fru_write_send()
[all …]
|
| H A D | bfa_ioc.h | 736 #define BFA_FRU(__bfa) (&(__bfa)->modules.fru)
739 bfa_status_t bfa_fruvpd_update(struct bfa_fru_s *fru,
742 bfa_status_t bfa_fruvpd_read(struct bfa_fru_s *fru,
745 bfa_status_t bfa_fruvpd_get_max_size(struct bfa_fru_s *fru, u32 *max_size);
746 bfa_status_t bfa_tfru_write(struct bfa_fru_s *fru,
749 bfa_status_t bfa_tfru_read(struct bfa_fru_s *fru,
753 void bfa_fru_attach(struct bfa_fru_s *fru, struct bfa_ioc_s *ioc,
755 void bfa_fru_memclaim(struct bfa_fru_s *fru,
|
| H A D | bfa_modules.h | 41 struct bfa_fru_s fru; /* fru module */ member
|
| H A D | bfa_core.c | 167 struct bfa_fru_s *fru = BFA_FRU(bfa); in bfa_com_fru_attach() local
170 bfa_fru_attach(fru, &bfa->ioc, bfa, bfa->trcmod, mincfg); in bfa_com_fru_attach()
171 bfa_fru_memclaim(fru, fru_dma->kva_curp, fru_dma->dma_curp, mincfg); in bfa_com_fru_attach()
|
| /OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ |
| H A D | ipmitool_1.8.18.bb | 27 file://0001-fru-Fix-buffer-overflow-vulnerabilities.patch \
28 file://0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch \
32 file://0005-fru-sdr-Fix-id_string-buffer-overflows.patch \
|
| /OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/ |
| H A D | openhpi-fix-alignment-issue.patch | 13 rv = ipmi_fru_set_board_info_mfg_time(fru, 0);
18 rv = ipmi_fru_set_board_info_mfg_time(fru,
|
| /OK3568_Linux_fs/kernel/drivers/scsi/aic7xxx/ |
| H A D | aiclib.h | 109 uint8_t fru; member
|
| /OK3568_Linux_fs/kernel/arch/arm/boot/dts/ |
| H A D | aspeed-bmc-inspur-fp5280g2.dts | 297 label = "fru";
|