]> git.proxmox.com Git - mirror_edk2.git/blobdiff - NetworkPkg/HttpDxe/HttpProto.c
projects / mirror_edk2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
NetworkPkg/HttpDxe: fix read memory access overflow in HTTPBoot.
[mirror_edk2.git] / NetworkPkg / HttpDxe / HttpProto.c
diff --git a/NetworkPkg/HttpDxe/HttpProto.c b/NetworkPkg/HttpDxe/HttpProto.c
index 94f89f5665846049c0aafbf471d18463d186d84e..7d69429be7937ead5c630b4903db265686a3b7be 100644 (file)
--- a/NetworkPkg/HttpDxe/HttpProto.c
+++ b/NetworkPkg/HttpDxe/HttpProto.c
@@ -1914,10 +1914,10 @@ HttpTcpReceiveHeader (
       }\r
 \r
       //\r
-      // Append the response string.\r
+      // Append the response string along with a Null-terminator.\r
       //\r
       *BufferSize = *SizeofHeaders + Fragment.Len;\r
-      Buffer      = AllocateZeroPool (*BufferSize);\r
+      Buffer      = AllocatePool (*BufferSize + 1);\r
       if (Buffer == NULL) {\r
         Status = EFI_OUT_OF_RESOURCES;\r
         return Status;\r
@@ -1933,6 +1933,7 @@ HttpTcpReceiveHeader (
         Fragment.Bulk,\r
         Fragment.Len\r
         );\r
+      *(Buffer + *BufferSize) = '\0';\r
       *HttpHeaders   = Buffer;\r
       *SizeofHeaders = *BufferSize;\r
 \r
@@ -2013,10 +2014,10 @@ HttpTcpReceiveHeader (
       }\r
 \r
       //\r
-      // Append the response string.\r
+      // Append the response string along with a Null-terminator.\r
       //\r
       *BufferSize = *SizeofHeaders + Fragment.Len;\r
-      Buffer      = AllocateZeroPool (*BufferSize);\r
+      Buffer      = AllocatePool (*BufferSize + 1);\r
       if (Buffer == NULL) {\r
         Status = EFI_OUT_OF_RESOURCES;\r
         return Status;\r
@@ -2032,6 +2033,7 @@ HttpTcpReceiveHeader (
         Fragment.Bulk,\r
         Fragment.Len\r
         );\r
+      *(Buffer + *BufferSize) = '\0';\r
       *HttpHeaders   = Buffer;\r
       *SizeofHeaders = *BufferSize;\r
 \r
EFI Development Kit II mirror for PVE