[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 096/117] kern/parser: Introduce process_char() helper
|
From: |
Daniel Kiper |
|
Subject: |
[SECURITY PATCH 096/117] kern/parser: Introduce process_char() helper |
|
Date: |
Tue, 2 Mar 2021 19:01:43 +0100 |
From: Chris Coulson <chris.coulson@canonical.com>
grub_parser_split_cmdline() iterates over each command line character.
In order to add error checking and to simplify the subsequent error
handling, split the character processing in to a separate function.
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/kern/parser.c | 74 ++++++++++++++++++++++++++++++-------------------
1 file changed, 46 insertions(+), 28 deletions(-)
diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c
index 39e4df65b..0d3582bd8 100644
--- a/grub-core/kern/parser.c
+++ b/grub-core/kern/parser.c
@@ -1,7 +1,7 @@
/* parser.c - the part of the parser that can return partial tokens */
/*
* GRUB -- GRand Unified Bootloader
- * Copyright (C) 2005,2007,2009 Free Software Foundation, Inc.
+ * Copyright (C) 2005,2007,2009,2021 Free Software Foundation, Inc.
*
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -129,6 +129,46 @@ add_var (char *varname, char **bp, char **vp,
*((*bp)++) = *val;
}
+static grub_err_t
+process_char (char c, char *buffer, char **bp, char *varname, char **vp,
+ grub_parser_state_t state, int *argc,
+ grub_parser_state_t *newstate)
+{
+ char use;
+
+ *newstate = grub_parser_cmdline_state (state, c, &use);
+
+ /*
+ * If a variable was being processed and this character does
+ * not describe the variable anymore, write the variable to
+ * the buffer.
+ */
+ add_var (varname, bp, vp, state, *newstate);
+
+ if (check_varstate (*newstate))
+ {
+ if (use)
+ *((*vp)++) = use;
+ }
+ else if (*newstate == GRUB_PARSER_STATE_TEXT &&
+ state != GRUB_PARSER_STATE_ESC && grub_isspace (use))
+ {
+ /*
+ * Don't add more than one argument if multiple
+ * spaces are used.
+ */
+ if (*bp != buffer && *((*bp) - 1) != '\0')
+ {
+ *((*bp)++) = '\0';
+ (*argc)++;
+ }
+ }
+ else if (use)
+ *((*bp)++) = use;
+
+ return GRUB_ERR_NONE;
+}
+
grub_err_t
grub_parser_split_cmdline (const char *cmdline,
grub_reader_getline_t getline, void *getline_data,
@@ -172,35 +212,13 @@ grub_parser_split_cmdline (const char *cmdline,
for (; *rp != '\0'; rp++)
{
grub_parser_state_t newstate;
- char use;
- newstate = grub_parser_cmdline_state (state, *rp, &use);
-
- /* If a variable was being processed and this character does
- not describe the variable anymore, write the variable to
- the buffer. */
- add_var (varname, &bp, &vp, state, newstate);
-
- if (check_varstate (newstate))
- {
- if (use)
- *(vp++) = use;
- }
- else
+ if (process_char (*rp, buffer, &bp, varname, &vp, state, argc,
+ &newstate) != GRUB_ERR_NONE)
{
- if (newstate == GRUB_PARSER_STATE_TEXT
- && state != GRUB_PARSER_STATE_ESC && grub_isspace (use))
- {
- /* Don't add more than one argument if multiple
- spaces are used. */
- if (bp != buffer && *(bp - 1))
- {
- *(bp++) = '\0';
- (*argc)++;
- }
- }
- else if (use)
- *(bp++) = use;
+ if (rd != cmdline)
+ grub_free (rd);
+ return grub_errno;
}
state = newstate;
}
--
2.11.0
- [SECURITY PATCH 073/117] fs/hfsplus: Don't use uninitialized data on corrupt filesystems, (continued)
- [SECURITY PATCH 073/117] fs/hfsplus: Don't use uninitialized data on corrupt filesystems, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 083/117] io/gzio: Add init_dynamic_block() clean up if unpacking codes fails, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 079/117] fs/nilfs2: Reject too-large keys, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 077/117] fs/jfs: Limit the extents that getblk() can consider, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 084/117] io/gzio: Catch missing values in huft_build() and bail, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 086/117] disk/lvm: Don't go beyond the end of the data we read from disk, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 087/117] disk/lvm: Don't blast past the end of the circular metadata buffer, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 089/117] disk/lvm: Do not crash if an expected string is not found, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 085/117] io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 091/117] disk/lvm: Sanitize rlocn->offset to prevent wild read, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 096/117] kern/parser: Introduce process_char() helper,
Daniel Kiper <=
- [SECURITY PATCH 097/117] kern/parser: Introduce terminate_arg() helper, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 080/117] fs/nilfs2: Don't search children if provided number is too large, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 088/117] disk/lvm: Bail on missing PV list, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 099/117] kern/buffer: Add variable sized heap buffer, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 076/117] fs/jfs: Do not move to leaf level if name length is negative, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 075/117] fs/sfs: Fix over-read of root object name, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 074/117] fs/hfs: Disable under lockdown, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 094/117] fs/btrfs: Squash some uninitialized reads, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 081/117] fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 093/117] fs/btrfs: Validate the number of stripes/parities in RAID5/6, Daniel Kiper, 2021/03/02