Author: mcayland Date: Sun Jun 21 20:52:35 2015 New Revision: 1341 URL: http://tracker.coreboot.org/trac/openbios/changeset/1341
Log: bootinfo_load.c: stop parsing CHRP boot script when NULL is reached
The Mac OS 9 CHRP boot script consists of a null-terminated Forth string followed by a large binary payload. Make sure we correctly determine the size of the bootscript at this point instead of trying to allocate memory for the entire binary blob which fails due to insufficient memory.
Signed-off-by: Mark Cave-Ayland mark.cave-ayland@ilande.co.uk
Modified: trunk/openbios-devel/libopenbios/bootinfo_load.c
Modified: trunk/openbios-devel/libopenbios/bootinfo_load.c ============================================================================== --- trunk/openbios-devel/libopenbios/bootinfo_load.c Wed May 13 01:11:05 2015 (r1340) +++ trunk/openbios-devel/libopenbios/bootinfo_load.c Sun Jun 21 20:52:35 2015 (r1341) @@ -161,6 +161,12 @@ feval("load-size"); size = POP();
+ /* Some bootinfo scripts contain a binary payload after the + NULL-terminated Forth string such as OS 9. Restrict our + size to just the Forth section, otherwise we end up trying + to allocate memory for the entire binary which might fail. */ + size = strnlen(base, size); + bootscript = malloc(size); if (bootscript == NULL) { DPRINTF("Can't malloc %d bytes\n", size);