|
 |
f96e0b |
From 20f0e206ae3a863c3e9e3a5a198fbac1aa549514 Mon Sep 17 00:00:00 2001
|
|
|
f96e0b |
From: Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>
|
|
|
f96e0b |
Date: Fri, 12 Apr 2013 20:17:53 +0200
|
|
|
f96e0b |
Subject: [PATCH 291/482] * grub-core/net/http.c: Fix bad free.
|
|
|
f96e0b |
|
|
|
f96e0b |
---
|
|
|
f96e0b |
ChangeLog | 4 ++++
|
|
|
f96e0b |
grub-core/net/http.c | 15 ++++++++++++---
|
|
|
f96e0b |
2 files changed, 16 insertions(+), 3 deletions(-)
|
|
|
f96e0b |
|
|
|
f96e0b |
diff --git a/ChangeLog b/ChangeLog
|
|
|
f96e0b |
index ced68cc..79563b8 100644
|
|
|
f96e0b |
--- a/ChangeLog
|
|
|
f96e0b |
+++ b/ChangeLog
|
|
|
f96e0b |
@@ -1,5 +1,9 @@
|
|
|
f96e0b |
2013-04-12 Vladimir Serbinenko <phcoder@gmail.com>
|
|
|
f96e0b |
|
|
|
f96e0b |
+ * grub-core/net/http.c: Fix bad free.
|
|
|
f96e0b |
+
|
|
|
f96e0b |
+2013-04-12 Vladimir Serbinenko <phcoder@gmail.com>
|
|
|
f96e0b |
+
|
|
|
f96e0b |
* grub-core/net/drivers/ieee1275/ofnet.c: Don't attempt to send more
|
|
|
f96e0b |
than buffer size.
|
|
|
f96e0b |
|
|
|
f96e0b |
diff --git a/grub-core/net/http.c b/grub-core/net/http.c
|
|
|
f96e0b |
index a7542d1..4684f8b 100644
|
|
|
f96e0b |
--- a/grub-core/net/http.c
|
|
|
f96e0b |
+++ b/grub-core/net/http.c
|
|
|
f96e0b |
@@ -157,9 +157,10 @@ http_err (grub_net_tcp_socket_t sock __attribute__ ((unused)),
|
|
|
f96e0b |
|
|
|
f96e0b |
if (data->sock)
|
|
|
f96e0b |
grub_net_tcp_close (data->sock, GRUB_NET_TCP_ABORT);
|
|
|
f96e0b |
+ data->sock = 0;
|
|
|
f96e0b |
if (data->current_line)
|
|
|
f96e0b |
grub_free (data->current_line);
|
|
|
f96e0b |
- grub_free (data);
|
|
|
f96e0b |
+ data->current_line = 0;
|
|
|
f96e0b |
file->device->net->eof = 1;
|
|
|
f96e0b |
file->device->net->stall = 1;
|
|
|
f96e0b |
if (file->size == GRUB_FILE_SIZE_UNKNOWN)
|
|
|
f96e0b |
@@ -175,6 +176,12 @@ http_receive (grub_net_tcp_socket_t sock __attribute__ ((unused)),
|
|
|
f96e0b |
http_data_t data = file->data;
|
|
|
f96e0b |
grub_err_t err;
|
|
|
f96e0b |
|
|
|
f96e0b |
+ if (!data->sock)
|
|
|
f96e0b |
+ {
|
|
|
f96e0b |
+ grub_netbuff_free (nb);
|
|
|
f96e0b |
+ return GRUB_ERR_NONE;
|
|
|
f96e0b |
+ }
|
|
|
f96e0b |
+
|
|
|
f96e0b |
while (1)
|
|
|
f96e0b |
{
|
|
|
f96e0b |
char *ptr = (char *) nb->data;
|
|
|
f96e0b |
@@ -432,7 +439,8 @@ http_seek (struct grub_file *file, grub_off_t off)
|
|
|
f96e0b |
grub_err_t err;
|
|
|
f96e0b |
old_data = file->data;
|
|
|
f96e0b |
/* FIXME: Reuse socket? */
|
|
|
f96e0b |
- grub_net_tcp_close (old_data->sock, GRUB_NET_TCP_ABORT);
|
|
|
f96e0b |
+ if (old_data->sock)
|
|
|
f96e0b |
+ grub_net_tcp_close (old_data->sock, GRUB_NET_TCP_ABORT);
|
|
|
f96e0b |
old_data->sock = 0;
|
|
|
f96e0b |
|
|
|
f96e0b |
while (file->device->net->packs.first)
|
|
|
f96e0b |
@@ -529,7 +537,8 @@ http_packets_pulled (struct grub_file *file)
|
|
|
f96e0b |
|
|
|
f96e0b |
if (!file->device->net->eof)
|
|
|
f96e0b |
file->device->net->stall = 0;
|
|
|
f96e0b |
- grub_net_tcp_unstall (data->sock);
|
|
|
f96e0b |
+ if (data && data->sock)
|
|
|
f96e0b |
+ grub_net_tcp_unstall (data->sock);
|
|
|
f96e0b |
return 0;
|
|
|
f96e0b |
}
|
|
|
f96e0b |
|
|
|
f96e0b |
--
|
|
|
f96e0b |
1.8.2.1
|
|
|
f96e0b |
|