From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 28 Jul 2022 15:11:47 +0000 (+0200)
Subject: stub: clean up kernel command line when converting to ASCII
X-Git-Tag: v252-rc1~542^2~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=03d5449f3ab0d136eeab20c767cf7f6c3790869e;p=thirdparty%2Fsystemd.git

stub: clean up kernel command line when converting to ASCII

Let's be a bit more careful when converting the UTF-16 cmdline to ASCII.
Let's convert all characters out of the printable ASCII range to spaces,
instead of blindly relying on C's downcasting behaviour.
---

diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c
index 0bd60431495..49ece419619 100644
--- a/src/boot/efi/stub.c
+++ b/src/boot/efi/stub.c
@@ -238,14 +238,19 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
                 cmdline_len = szs[UNIFIED_SECTION_CMDLINE];
         }
 
-        /* if we are not in secure boot mode, or none was provided, accept a custom command line and replace the built-in one */
-        if ((!secure_boot_enabled() || cmdline_len == 0) && loaded_image->LoadOptionsSize > 0 &&
-            *(char16_t *) loaded_image->LoadOptions > 0x1F) {
+        /* if we are not in secure boot mode, or none was provided, accept a custom command line and replace
+         * the built-in one. We also do a superficial check whether first chararacter of passed command line
+         * is printable character (for compat with some Dell systems which fill in garbage?). */
+        if ((!secure_boot_enabled() || cmdline_len == 0) &&
+            loaded_image->LoadOptionsSize > 0 &&
+            ((char16_t *) loaded_image->LoadOptions)[0] > 0x1F) {
                 cmdline_len = (loaded_image->LoadOptionsSize / sizeof(char16_t)) * sizeof(char);
-                cmdline = cmdline_owned = xmalloc(cmdline_len);
+                cmdline = cmdline_owned = xnew(char, cmdline_len);
 
-                for (UINTN i = 0; i < cmdline_len; i++)
-                        cmdline[i] = ((char16_t *) loaded_image->LoadOptions)[i];
+                for (UINTN i = 0; i < cmdline_len; i++) {
+                        char16_t c = ((char16_t *) loaded_image->LoadOptions)[i];
+                        cmdline[i] = c > 0x1F && c < 0x7F ? c : ' '; /* convert non-printable and non_ASCII characters to spaces. */
+                }
 
                 /* Let's measure the passed kernel command line into the TPM. Note that this possibly
                  * duplicates what we already did in the boot menu, if that was already used. However, since