boot: pxe_utils: Fix potential initrd_filesize buffer overflow

ulong is 64 bits on 64-bit platforms. Hence, simple_xtoa can produce up to 16 hex characters + NULL byte. The initrd_filesize buffer is only 10 bytes which can cause a buffer overflow on every PXE boot that loads an initrd on an address greater than 4GB. Increase buffer size to 17 bytes to hold the maximum hex representation of a 64-bit address. Signed-off-by: Francois Berder <[email protected]> Reviewed-by: Jerome Forissier <[email protected]>
author: Francois Berder <[email protected]> 2026-05-15 22:35:03 +0200
committer: Jerome Forissier <[email protected]> 2026-06-03 17:22:24 +0200
commit: fac46e5aa7c448444764044467e0cceb9d12f3f0 (patch)
tree: bf7773e960839b3178042bd6a71fd349cb9e91b2
parent: f447887238822af40582483112cab524926e9258 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/boot/pxe_utils.c b/boot/pxe_utils.c
index 419ab1f1b0e..8c1310dabeb 100644
--- a/boot/pxe_utils.c
+++ b/boot/pxe_utils.c
@@ -546,7 +546,7 @@ static int label_boot(struct pxe_context *ctx, struct pxe_label *label)
 	char *zboot_argv[] = { "zboot", NULL, "0", NULL, NULL };
 	char *kernel_addr = NULL;
 	char *initrd_addr_str = NULL;
-	char initrd_filesize[10];
+	char initrd_filesize[17];
 	char initrd_str[28];
 	char mac_str[29] = "";
 	char ip_str[68] = "";
author	Francois Berder <[email protected]>	2026-05-15 22:35:03 +0200
committer	Jerome Forissier <[email protected]>	2026-06-03 17:22:24 +0200
commit	fac46e5aa7c448444764044467e0cceb9d12f3f0 (patch)
tree	bf7773e960839b3178042bd6a71fd349cb9e91b2
parent	f447887238822af40582483112cab524926e9258 (diff)