git.ipfire.org Git - thirdparty/grub.git/commit

author	Thomas Frauendorfer \| Miray Software <tf@miray.de>
	Tue, 4 Aug 2020 11:49:51 +0000 (13:49 +0200)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Tue, 2 Mar 2021 14:54:20 +0000 (15:54 +0100)
commit	42facd577231cf5ffe4c7128fed15b7e7d99cbca
tree	0476de302be779b3440e2bba4bf989677101d830	tree
parent	83603bea6ce8fdff5ab3fbc4c9e592a8c71a8706	commit \| diff

gfxmenu/gui: Check printf() format in the gui_progress_bar and gui_label

The gui_progress_bar and gui_label components can display the timeout
value. The format string can be set through a theme file. This patch
adds a validation step to the format string.

If a user loads a theme file into the GRUB without this patch then
a GUI label with the following settings

  + label {
  ...
  id = "__timeout__"
  text = "%s"
  }

will interpret the current timeout value as string pointer and print the
memory at that position on the screen. It is not desired behavior.

Signed-off-by: Thomas Frauendorfer | Miray Software <tf@miray.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

grub-core/gfxmenu/gui_label.c		diff \| blob \| blame \| history
grub-core/gfxmenu/gui_progress_bar.c		diff \| blob \| blame \| history