This adjusts Debian's net_bootp6 patch to perform safe allocation. (In
practice this isn't a security problem because `ln` is 16 bits so it
can't overflow after promotion to 32 bits.)
Signed-off-by: Colin Watson <cjwatson@debian.org>
Patch-Name: bootp-alloc.patch
break;
}
dhcp6->num_dns_server = ln = len >> 4;
- dhcp6->dns_server_addrs = la = grub_zalloc (ln * sizeof (*la));
+ dhcp6->dns_server_addrs = la = grub_calloc (ln, sizeof (*la));
for (po = opt->data; ln > 0; po += 0x10, la++, ln--)
{