If a simple string for arguments are passed it should be NUL
terminated. This is true for other code but not for "linux"
command.

Signed-off-by: Frediano Ziglio <frediano.zig...@cloud.com>
---
 grub-core/loader/efi/linux.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index 78ea07ca8..afda6ef8f 100644
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@@ -190,7 +190,7 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, 
grub_size_t size, char *args)
   grub_efi_boot_services_t *b;
   grub_efi_status_t status;
   grub_efi_loaded_image_t *loaded_image;
-  int len;
+  grub_size_t len;
 
   mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t));
   if (!mempath)
@@ -230,9 +230,10 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, 
grub_size_t size, char *args)
   if (!loaded_image->load_options)
     return grub_errno;
 
-  loaded_image->load_options_size =
-    2 * grub_utf8_to_utf16 (loaded_image->load_options, len,
-                           (grub_uint8_t *) args, len, NULL);
+  len = grub_utf8_to_utf16 (loaded_image->load_options, len,
+                           (grub_uint8_t *) args, (grub_size_t) -1, NULL);
+  ((grub_efi_char16_t*)loaded_image->load_options)[len++] = 0; /* NUL 
terminate */
+  loaded_image->load_options_size = len * sizeof (grub_efi_char16_t);
 
   grub_dprintf ("linux", "starting image %p\n", image_handle);
   status = b->start_image (image_handle, 0, NULL);
-- 
2.49.0


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Reply via email to