diff --git a/sys/dev/smbios/smbios.h b/sys/dev/smbios/smbios.h
--- a/sys/dev/smbios/smbios.h
+++ b/sys/dev/smbios/smbios.h
@@ -80,11 +80,13 @@
 typedef void (*smbios_callback_t)(struct smbios_structure_header *, void *);
 
 static inline void
-smbios_walk_table(uint8_t *p, int entries, smbios_callback_t cb, void *arg)
+smbios_walk_table(uint8_t *p, int entries, vm_size_t len,
+    smbios_callback_t cb, void *arg)
 {
 	struct smbios_structure_header *s;
+	uint8_t *endp = p + len;
 
-	while (entries--) {
+	while (entries-- && p < endp) {
 		s = (struct smbios_structure_header *)p;
 		cb(s, arg);
 
@@ -93,7 +95,7 @@
 		 * formatted area of this structure.
 		 */
 		p += s->length;
-		while (!(p[0] == 0 && p[1] == 0))
+		while (p + 1 < endp && !(p[0] == 0 && p[1] == 0))
 			p++;
 
 		/*