Re: [PATCH] loader/efi/linux: Correctly terminate LoadOptions field

Mon, 23 Jun 2025 07:08:53 -0700 

On Mon, Jun 23, 2025 at 2:46 PM Ross Lagerwall
<ross.lagerw...@citrix.com> wrote:
>
> On Mon, Jun 23, 2025 at 12:33 PM Frediano Ziglio via Grub-devel
> <grub-devel@gnu.org> wrote:
> >
> > If a simple string for arguments are passed it should be NUL
> > terminated. This is true for other code but not for "linux"
> > command.
> >
> > Signed-off-by: Frediano Ziglio <frediano.zig...@cloud.com>
> > ---
> >  grub-core/loader/efi/linux.c | 9 +++++----
> >  1 file changed, 5 insertions(+), 4 deletions(-)
> >
> > diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
> > index 78ea07ca8..afda6ef8f 100644
> > --- a/grub-core/loader/efi/linux.c
> > +++ b/grub-core/loader/efi/linux.c
> > @@ -190,7 +190,7 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, 
> > grub_size_t size, char *args)
> >    grub_efi_boot_services_t *b;
> >    grub_efi_status_t status;
> >    grub_efi_loaded_image_t *loaded_image;
> > -  int len;
> > +  grub_size_t len;
> >
> >    mempath = grub_malloc (2 * sizeof 
> > (grub_efi_memory_mapped_device_path_t));
> >    if (!mempath)
> > @@ -230,9 +230,10 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, 
> > grub_size_t size, char *args)
> >    if (!loaded_image->load_options)
> >      return grub_errno;
> >
> > -  loaded_image->load_options_size =
> > -    2 * grub_utf8_to_utf16 (loaded_image->load_options, len,
> > -                           (grub_uint8_t *) args, len, NULL);
> > +  len = grub_utf8_to_utf16 (loaded_image->load_options, len,
> > +                           (grub_uint8_t *) args, (grub_size_t) -1, NULL);
> > +  ((grub_efi_char16_t*)loaded_image->load_options)[len++] = 0; /* NUL 
> > terminate */
> > +  loaded_image->load_options_size = len * sizeof (grub_efi_char16_t);
> >
>
> According to the description, grub_utf8_to_utf16 may return -1 which
> would be a problem here since it is then used as an array index.
>

Looking at the function implementation it looks like the comment is
obsolete, the code replaces any invalid encoding with a question mark.
Should I update the function comment?

> The assignment of loaded_image->load_options_size just above (out of the
> patch context) seems unnecessary now.
>

Not a regression, but I can change it.

> Ross

Frediano

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Reply via email to