Date: Tue, 23 Feb 2021 15:08:00 GMT From: Roger Pau Monné <royger@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 0eaa97f0e862 - main - stand/multiboot2: fix header length check Message-ID: <202102231508.11NF80BZ011377@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by royger: URL: https://cgit.FreeBSD.org/src/commit/?id=0eaa97f0e8629bcf678ff4de2678e4cba00f1c91 commit 0eaa97f0e8629bcf678ff4de2678e4cba00f1c91 Author: Roger Pau Monné <royger@FreeBSD.org> AuthorDate: 2021-02-23 14:56:27 +0000 Commit: Roger Pau Monné <royger@FreeBSD.org> CommitDate: 2021-02-23 15:05:03 +0000 stand/multiboot2: fix header length check Check whether we have reached the end of the buffer using search_size instead of MULTIBOOT_SEARCH, which is the maximum defined by the specification, but the file can be shorter than that. This prevents printing a harmless error message when loading a file that is smaller than MULTIBOOT_SEARCH. Sponsored by: Citrix Systems R&D MFC after: 3 days Fixes: adda2797eb2a ('stand/multiboot2: add support for booting a Xen dom0 in UEFI mode') --- stand/efi/loader/arch/amd64/multiboot2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stand/efi/loader/arch/amd64/multiboot2.c b/stand/efi/loader/arch/amd64/multiboot2.c index 6ee36afcb881..4d7b2713685d 100644 --- a/stand/efi/loader/arch/amd64/multiboot2.c +++ b/stand/efi/loader/arch/amd64/multiboot2.c @@ -107,7 +107,7 @@ loadfile(char *filename, uint64_t dest, struct preloaded_file **result) break; } - if (i >= MULTIBOOT_SEARCH) { + if (i >= search_size) { error = EFTYPE; goto out; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102231508.11NF80BZ011377>