1 files changed, 0 insertions, 55 deletions

diff --git a/user/dmidecode/security1.patch b/user/dmidecode/security1.patch
deleted file mode 100644
index da4bc9815..000000000
--- a/user/dmidecode/security1.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 8ff32018e8dd53c26d1f0daef118037fdae58c68 Mon Sep 17 00:00:00 2001
-From: Jean Delvare <jdelvare@suse.de>
-Date: Wed, 1 Aug 2018 09:54:45 +0200
-Subject: dmidecode: Avoid OOB read on invalid entry point length
-
-Don't let the entry point checksum verification run beyond the end of
-the buffer holding it (32 bytes).
-
-This bug was discovered by Lionel Debroux using the AFL fuzzer and
-AddressSanitizer.
-
-Signed-off-by: Jean Delvare <jdelvare@suse.de>
----
- dmidecode.c | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
-diff --git a/dmidecode.c b/dmidecode.c
-index fa6ecf1..474ca7b 100644
---- a/dmidecode.c
-+++ b/dmidecode.c
-@@ -4928,6 +4928,15 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags)
- 	u32 ver;
- 	u64 offset;
- 
-+	/* Don't let checksum run beyond the buffer */
-+	if (buf[0x06] > 0x20)
-+	{
-+		fprintf(stderr,
-+			"Entry point length too large (%u bytes, expected %u).\n",
-+			(unsigned int)buf[0x06], 0x18U);
-+		return 0;
-+	}
-+
- 	if (!checksum(buf, buf[0x06]))
- 		return 0;
- 
-@@ -4966,6 +4975,15 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags)
- {
- 	u16 ver;
- 
-+	/* Don't let checksum run beyond the buffer */
-+	if (buf[0x05] > 0x20)
-+	{
-+		fprintf(stderr,
-+			"Entry point length too large (%u bytes, expected %u).\n",
-+			(unsigned int)buf[0x05], 0x1FU);
-+		return 0;
-+	}
-+
- 	if (!checksum(buf, buf[0x05])
- 	 || memcmp(buf + 0x10, "_DMI_", 5) != 0
- 	 || !checksum(buf + 0x10, 0x0F))
--- 
-cgit v1.0-41-gc330
-