On Wed, Jun 25, 2025 at 1:27 PM Daniel Kiper <dki...@net-space.pl> wrote:
>
> On Wed, Jun 25, 2025 at 07:42:24AM +0100, Frediano Ziglio via Grub-devel wrote:
> > The size passed to grub_utf8_to_utf16 for the source string is
> > used as a limit for the string if a NUL character is not encountered;
> > however len, which is strlen(src)*2+2, is surely greater than
> > strlen(src).
> > Pass (grub_size_t) -1 to consider only NUL terminator.
>
> We should not blindly assume the NUL is inserted by the loader.

Why blindly?

grub_arch_efi_linux_boot_image is declared as

grub_err_t
grub_arch_efi_linux_boot_image (grub_addr_t addr, grub_size_t size, char *args)

here "args" has no explicit length, meaning usually NUL-termination.
Later:

  grub_dprintf ("linux", "linux command line: '%s'\n", args);

meaning NUL-termination, then

  len = (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t);

again, meaning "args" NUL-termination.

> So, still len should be used as a safety net. Or something else
> if you think len is wrong...
>

For grub_utf8_to_utf16 the explanation is not so easy, but I would use
grub_strlen(args) and not "len".

> Daniel

Frediano
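
Added example (not part of the original message and not GRUB code): a simplified stand-in for a UTF-8 to UTF-16 converter that stops at NUL or after srcsize bytes, run over constructed buffers to compare the source bounds discussed in the thread: len, (grub_size_t) -1 and strlen. The function, helper and buffer names are hypothetical, and the stand-in handles BMP code points only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in, NOT GRUB's grub_utf8_to_utf16: BMP only, bad bytes
   become '?'. Stops at NUL, after srcsize source bytes, or after destsize
   units. Returns units written; *consumed gets the source bytes read. */
static size_t model_utf8_to_utf16(uint16_t *dest, size_t destsize,
                                  const uint8_t *src, size_t srcsize, size_t *consumed) {
    size_t in = 0, out = 0;
    while (in < srcsize && out < destsize && src[in] != 0) {
        uint8_t c = src[in];
        size_t extra = (c & 0xE0) == 0xC0 ? 1 : (c & 0xF0) == 0xE0 ? 2 : 0;
        uint32_t cp = extra == 1 ? (c & 0x1Fu) : extra == 2 ? (c & 0x0Fu) : c;
        size_t i;
        for (i = 1; i <= extra; i++) {
            /* A NUL or out-of-bound byte is never a valid continuation. */
            if (srcsize - in <= i || (src[in + i] & 0xC0) != 0x80)
                break;
            cp = (cp << 6) | (src[in + i] & 0x3Fu);
        }
        if (i <= extra || (extra == 0 && c >= 0x80)) { cp = '?'; i = 1; }
        dest[out++] = (uint16_t) cp;
        in += i;
    }
    *consumed = in;
    return out;
}

/* Constructed samples: 8 bytes of command line, then unrelated bytes. */
static const uint8_t terminated[]   = "quiet ro\0ADJACENT";
static const uint8_t unterminated[] = "quiet roADJACENT"; /* terminator lost */

/* Byte length as computed in the quoted code: (strlen + 1) * 2. */
static size_t len_of(const uint8_t *s) { return (strlen((const char *) s) + 1) * 2; }

static uint16_t out16[64]; /* destination for the demo calls */
static size_t out_units;   /* units written by the last call */

static size_t consumed_with(const uint8_t *src, size_t srcsize) {
    size_t consumed;
    out_units = model_utf8_to_utf16(out16, 64, src, srcsize, &consumed);
    return consumed;
}

int main(void) {
    printf("terminated: len -> %zu\n", consumed_with(terminated, len_of(terminated)));
    printf("terminated: -1  -> %zu\n", consumed_with(terminated, (size_t) -1));
    printf("unterminated: len -> %zu\n", consumed_with(unterminated, len_of(unterminated)));
    printf("unterminated: 8   -> %zu\n", consumed_with(unterminated, 8));
    return 0;
}
```

With the terminator present, every bound consumes the same 8 bytes because the NUL is reached first. With it missing, len is itself derived from strlen and follows the string into the adjacent bytes; only a length known independently of the buffer contents (8 here) stops the read.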
