forked from pool/grub2
be3181b1eb
- VUL-0: grub2,shim: implement new SBAT method (bsc#1182057) * 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch * 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch * 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch * 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch * 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch * 0036-util-mkimage-Improve-data_size-value-calculation.patch * 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch * 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch * 0039-grub-install-common-Add-sbat-option.patch - Fix CVE-2021-20225 (bsc#1182262) * 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - Fix CVE-2020-27749 (bsc#1179264) * 0024-kern-parser-Fix-resource-leak-if-argc-0.patch * 0025-kern-parser-Fix-a-memory-leak.patch * 0026-kern-parser-Introduce-process_char-helper.patch * 0027-kern-parser-Introduce-terminate_arg-helper.patch * 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch * 0029-kern-buffer-Add-variable-sized-heap-buffer.patch * 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - Fix CVE-2021-20233 (bsc#1182263) * 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - Fix CVE-2020-25647 (bsc#1177883) * 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - Fix CVE-2020-25632 (bsc#1176711) * 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - Fix CVE-2020-27779, CVE-2020-14372 (bsc#1179265) (bsc#1175970) * 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch * 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch * 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch OBS-URL: https://build.opensuse.org/request/show/876326 OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=374
120 lines
3.4 KiB
Diff
120 lines
3.4 KiB
Diff
From 80b048e51705c78638afecac539e53e80647f8bd Mon Sep 17 00:00:00 2001
|
|
From: Chris Coulson <chris.coulson@canonical.com>
|
|
Date: Tue, 5 Jan 2021 22:17:28 +0000
|
|
Subject: [PATCH 26/46] kern/parser: Introduce process_char() helper
|
|
|
|
grub_parser_split_cmdline() iterates over each command line character.
|
|
In order to add error checking and to simplify the subsequent error
|
|
handling, split the character processing in to a separate function.
|
|
|
|
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
|
|
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
---
|
|
grub-core/kern/parser.c | 74 +++++++++++++++++++++++++----------------
|
|
1 file changed, 46 insertions(+), 28 deletions(-)
|
|
|
|
diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c
|
|
index 39e4df65b..0d3582bd8 100644
|
|
--- a/grub-core/kern/parser.c
|
|
+++ b/grub-core/kern/parser.c
|
|
@@ -1,7 +1,7 @@
|
|
/* parser.c - the part of the parser that can return partial tokens */
|
|
/*
|
|
* GRUB -- GRand Unified Bootloader
|
|
- * Copyright (C) 2005,2007,2009 Free Software Foundation, Inc.
|
|
+ * Copyright (C) 2005,2007,2009,2021 Free Software Foundation, Inc.
|
|
*
|
|
* GRUB is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
@@ -129,6 +129,46 @@ add_var (char *varname, char **bp, char **vp,
|
|
*((*bp)++) = *val;
|
|
}
|
|
|
|
+static grub_err_t
|
|
+process_char (char c, char *buffer, char **bp, char *varname, char **vp,
|
|
+ grub_parser_state_t state, int *argc,
|
|
+ grub_parser_state_t *newstate)
|
|
+{
|
|
+ char use;
|
|
+
|
|
+ *newstate = grub_parser_cmdline_state (state, c, &use);
|
|
+
|
|
+ /*
|
|
+ * If a variable was being processed and this character does
|
|
+ * not describe the variable anymore, write the variable to
|
|
+ * the buffer.
|
|
+ */
|
|
+ add_var (varname, bp, vp, state, *newstate);
|
|
+
|
|
+ if (check_varstate (*newstate))
|
|
+ {
|
|
+ if (use)
|
|
+ *((*vp)++) = use;
|
|
+ }
|
|
+ else if (*newstate == GRUB_PARSER_STATE_TEXT &&
|
|
+ state != GRUB_PARSER_STATE_ESC && grub_isspace (use))
|
|
+ {
|
|
+ /*
|
|
+ * Don't add more than one argument if multiple
|
|
+ * spaces are used.
|
|
+ */
|
|
+ if (*bp != buffer && *((*bp) - 1) != '\0')
|
|
+ {
|
|
+ *((*bp)++) = '\0';
|
|
+ (*argc)++;
|
|
+ }
|
|
+ }
|
|
+ else if (use)
|
|
+ *((*bp)++) = use;
|
|
+
|
|
+ return GRUB_ERR_NONE;
|
|
+}
|
|
+
|
|
grub_err_t
|
|
grub_parser_split_cmdline (const char *cmdline,
|
|
grub_reader_getline_t getline, void *getline_data,
|
|
@@ -172,35 +212,13 @@ grub_parser_split_cmdline (const char *cmdline,
|
|
for (; *rp != '\0'; rp++)
|
|
{
|
|
grub_parser_state_t newstate;
|
|
- char use;
|
|
-
|
|
- newstate = grub_parser_cmdline_state (state, *rp, &use);
|
|
|
|
- /* If a variable was being processed and this character does
|
|
- not describe the variable anymore, write the variable to
|
|
- the buffer. */
|
|
- add_var (varname, &bp, &vp, state, newstate);
|
|
-
|
|
- if (check_varstate (newstate))
|
|
- {
|
|
- if (use)
|
|
- *(vp++) = use;
|
|
- }
|
|
- else
|
|
+ if (process_char (*rp, buffer, &bp, varname, &vp, state, argc,
|
|
+ &newstate) != GRUB_ERR_NONE)
|
|
{
|
|
- if (newstate == GRUB_PARSER_STATE_TEXT
|
|
- && state != GRUB_PARSER_STATE_ESC && grub_isspace (use))
|
|
- {
|
|
- /* Don't add more than one argument if multiple
|
|
- spaces are used. */
|
|
- if (bp != buffer && *(bp - 1))
|
|
- {
|
|
- *(bp++) = '\0';
|
|
- (*argc)++;
|
|
- }
|
|
- }
|
|
- else if (use)
|
|
- *(bp++) = use;
|
|
+ if (rd != cmdline)
|
|
+ grub_free (rd);
|
|
+ return grub_errno;
|
|
}
|
|
state = newstate;
|
|
}
|
|
--
|
|
2.26.2
|
|
|