[syslinux:lwip] pxe, http: correct the header overflow test

[syslinux-bot for H. Peter Anvin]

Commit-ID:  99e8e9b8043bc723486f5da22ceb640e2a340457
Gitweb:     http://syslinux.zytor.com/commit/99e8e9b8043bc723486f5da22ceb640e2a340457
Author:     H. Peter Anvin <hpa at linux.intel.com>
AuthorDate: Tue, 26 Apr 2011 15:23:43 -0700
Committer:  H. Peter Anvin <hpa at linux.intel.com>
CommitDate: Tue, 26 Apr 2011 15:23:43 -0700

pxe, http: correct the header overflow test

sizeof header_buf isn't very useful when that's an actual pointer...

Signed-off-by: H. Peter Anvin <hpa at linux.intel.com>


---
 core/fs/pxe/http.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/core/fs/pxe/http.c b/core/fs/pxe/http.c
index d98cc4a..c7613bb 100644
--- a/core/fs/pxe/http.c
+++ b/core/fs/pxe/http.c
@@ -185,6 +185,7 @@ void http_open(struct url_info *url, struct inode *inode, const char **redir)
     addr.addr = url->ip;
     if (!url->port)
 	url->port = HTTP_PORT;
+
     err = netconn_connect(socket->conn, &addr, url->port);
     if (err) {
 	printf("netconn_connect error %d\n", err);
@@ -194,7 +195,7 @@ void http_open(struct url_info *url, struct inode *inode, const char **redir)
     strcpy(header_buf, "GET /");
     header_bytes = 5;
     header_bytes += url_escape_unsafe(header_buf+5, url->path,
-				    sizeof header_buf - 5);
+				      sizeof header_buf - 5);
     if (header_bytes > header_len)
 	goto fail;		/* Buffer overflow */
     header_bytes += snprintf(header_buf + header_bytes,
@@ -206,7 +207,7 @@ void http_open(struct url_info *url, struct inode *inode, const char **redir)
 			     "%s"
 			     "\r\n",
 			     url->host, cookie_buf ? cookie_buf : "");
-    if (header_bytes > sizeof header_buf)
+    if (header_bytes > header_len)
 	goto fail;		/* Buffer overflow */
 
     err = netconn_write(socket->conn, header_buf,