Project

General

Profile

Bug #13560

smbios(1m) should sanitize strings

Added by Rich Lowe 20 days ago. Updated 4 days ago.

Status:
Closed
Priority:
Normal
Category:
cmd - userland programs
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
Gerrit CR:

Description

Looking at this intel NUC, we seem willing to print strings as they're presented to us. One my SKUs is a literal ^E. Given the general quality of smbios info, it'd be a good idea to sanity check and print potentially escaped versions of all strings.

  SKU Number:                                  
  SKU number: ^E

(fixing that capitalisation would be good too).

#1

Updated by Robert Mustacchi 19 days ago

  • Assignee set to Robert Mustacchi
#2

Updated by Robert Mustacchi 9 days ago

  • Subject changed from smbios(1m) and/or libsmbios should sanitize strings to smbios(1m) should sanitize strings
  • % Done changed from 0 to 90

For the moment, I've done things such that smbios the command escapes strings. We probably need to go through and figure out a way to make this work for libsmbios so consumers don't have to all deal with this, but there are a bunch of complications around memory allocation and lifetimes as a result that I decided to at least clean up smbios(1M) for the moment. We may want to do the same for libsmbios, but I've repurposed this for the moment for smbios(1M).

To test this, I took smbios images from:

  • An AMD Rome based system running illumos
  • A Lenovo laptop running Linux
  • Rich's smbios image that triggered this

For each of them, I compared the smbios output before and after and found the only differences were the string being escaped in Rich's case and the more consistent SKU number.

#3

Updated by Electric Monk 9 days ago

  • Gerrit CR set to 1295
#4

Updated by Robert Mustacchi 4 days ago

I also ran the utiltests to get the smbios test suite. There is one unrelated failure noted below which I root caused to be #13600 and have fixed separately. The smbios tests all passed:

$ pfexec /opt/util-tests/bin/utiltest 
Test: /opt/util-tests/tests/allowed-ips (run as root)             [00:00] [PASS]
Test: /opt/util-tests/tests/chown_test (run as root)              [00:00] [PASS]
Test: /opt/util-tests/tests/date_test (run as root)               [00:00] [PASS]
Test: /opt/util-tests/tests/find/findtest (run as root)           [00:00] [PASS]
Test: /opt/util-tests/tests/grep_test (run as root)               [00:02] [PASS]
Test: /opt/util-tests/tests/head/head_test (run as root)          [00:00] [PASS]
Test: /opt/util-tests/tests/libjedec_test (run as root)           [00:00] [PASS]
Test: /opt/util-tests/tests/libsff/libsff (run as root)           [00:00] [PASS]
Test: /opt/util-tests/tests/make_test (run as root)               [00:00] [PASS]
Test: /opt/util-tests/tests/mdb/mdbtest (run as root)             [00:00] [PASS]
Test: /opt/util-tests/tests/mergeq/mqt (run as root)              [00:00] [PASS]
Test: /opt/util-tests/tests/mergeq/wqt (run as root)              [00:00] [PASS]
Test: /opt/util-tests/tests/printf_test (run as root)             [00:00] [PASS]
Test: /opt/util-tests/tests/set-linkprop (run as root)            [00:00] [PASS]
Test: /opt/util-tests/tests/sleep/sleeptest (run as root)         [00:19] [PASS]
Test: /opt/util-tests/tests/smbios (run as root)                  [00:00] [PASS]
Test: /opt/util-tests/tests/xargs_test (run as root)              [00:00] [PASS]
Test: /opt/util-tests/tests/awk/runtests.sh (run as nobody)       [02:53] [PASS]
Test: /opt/util-tests/tests/ctf/precheck (run as root)            [00:00] [PASS]
Test: /opt/util-tests/tests/ctf/ctftest (run as root)             [00:05] [FAIL]
Test: /opt/util-tests/tests/demangle/afl-fast (run as root)       [00:01] [PASS]
Test: /opt/util-tests/tests/demangle/gcc-libstdc++ (run as root)  [00:00] [PASS]
Test: /opt/util-tests/tests/demangle/llvm-stdcxxabi (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libcustr/custr_remove (run as root)   [00:00] [PASS]
Test: /opt/util-tests/tests/libcustr/custr_trunc (run as root)    [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_00_blank (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_01_boolean (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_02_numbers (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_03_empty_arrays (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_04_number_arrays (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_05_strings (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_06_nested (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/libnvpair_json/json_07_nested_arrays (run as root) [00:00] [PASS]
Test: /opt/util-tests/tests/sed/sed_addr (run as root)            [00:00] [PASS]
Test: /opt/util-tests/tests/sed/multi_test (run as root)          [00:00] [PASS]

Results Summary
FAIL       1
PASS      34

Running Time:   00:03:28
Percent passed: 97.1%
#5

Updated by Electric Monk 4 days ago

  • Status changed from New to Closed
  • % Done changed from 90 to 100

git commit 0f56e145e1bddbb7bdc804efe2d5fcbe21d5aec2

commit  0f56e145e1bddbb7bdc804efe2d5fcbe21d5aec2
Author: Robert Mustacchi <rm@fingolfin.org>
Date:   2021-03-04T15:11:27.000Z

    13560 smbios(1m) should sanitize strings
    Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
    Reviewed by: Andy Fiddaman <andy@omniosce.org>
    Approved by: Dan McDonald <danmcd@joyent.com>

Also available in: Atom PDF