fix smbios blob length overflow

When tables are more than 64K, size of copied tables will be
truncated due to cast from u32 to u16, and as result only
a small portion of the tables will be copied in the end.
That leads to corrupted tables (a part from QEMU and
remainder is whatever was in memory block allocated for
the tables).

Fix it by making qtables_len 32bit int.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>

diff --git a/src/fw/biostables.c b/src/fw/biostables.c
index 1c09a785bac946d6b2dbb645f12fd63eead38130..90712d4bdd059f56d4aacbc21a3c7586cf6dfd26 100644 (file)
--- a/src/fw/biostables.c
+++ b/src/fw/biostables.c
@@ -499,7 +499,7 @@ smbios_build_tables(struct romfile_s *f_tables,
                     u16 *number_of_structures)
 {
     struct smbios_type_0 *t0;
-    u16 qtables_len, need_t0 = 1;
+    u32 qtables_len, need_t0 = 1;
     u8 *qtables, *tables;
 
     if (f_tables->size != *length)