Hi,
i wrote:
> I think the loop end condition should use 4 rather than 1:
> (char *) entry < (char *) sua + sua_size - 4 && entry->len > 0
Urm ... better "3 rather than 1":
(char *) entry < (char *) sua + sua_size - 3 && entry->len > 0
The memory fault by entry->len will appear if
entry >= sua + sua_size - 2
(Only good i did not submit a patch attempt.
Why is that "- 1" present anyways ? Shall it ensure the presence of
entry->type ?)
Have a nice day :)
Thomas
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
