From a075e58606b9affb6dfb176c71caab816737a981 Mon Sep 17 00:00:00 2001 From: Steve McIntyre Date: Sat, 17 Feb 2024 17:35:37 +0000 Subject: New upstream version 15.8 --- httpboot.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'httpboot.c') diff --git a/httpboot.c b/httpboot.c index dfa493bf..ac9ea25c 100644 --- a/httpboot.c +++ b/httpboot.c @@ -578,7 +578,13 @@ receive_http_response(EFI_HTTP_PROTOCOL *http, VOID **buffer, UINT64 *buf_size) } if (*buf_size == 0) { - perror(L"Failed to get Content-Lenght\n"); + perror(L"Failed to get Content-Length\n"); + goto error; + } + + if (*buf_size < rx_message.BodyLength) { + efi_status = EFI_BAD_BUFFER_SIZE; + perror(L"Invalid Content-Length\n"); goto error; } @@ -713,18 +719,20 @@ error: } EFI_STATUS -httpboot_fetch_buffer (EFI_HANDLE image, VOID **buffer, UINT64 *buf_size) +httpboot_fetch_buffer (EFI_HANDLE image, VOID **buffer, UINT64 *buf_size, + CHAR8 *name) { EFI_STATUS efi_status; EFI_HANDLE nic; - CHAR8 next_loader[sizeof DEFAULT_LOADER_CHAR]; + CHAR8 *next_loader; CHAR8 *next_uri = NULL; CHAR8 *hostname = NULL; if (!uri) return EFI_NOT_READY; - translate_slashes(next_loader, DEFAULT_LOADER_CHAR); + next_loader = (CHAR8 *)AllocatePool((strlen(name) + 1) * sizeof (CHAR8)); + translate_slashes(next_loader, name); /* Create the URI for the next loader based on the original URI */ efi_status = generate_next_uri(uri, next_loader, &next_uri); -- cgit v1.2.3