efivars: let's add some validation of boot menu entry name syntax

author Lennart Poettering <lennart@poettering.net>

Mon, 22 Oct 2018 17:59:45 +0000 (19:59 +0200)

committer Lennart Poettering <lennart@poettering.net>

Fri, 16 Nov 2018 14:52:22 +0000 (15:52 +0100)
author Lennart Poettering <lennart@poettering.net>
Mon, 22 Oct 2018 17:59:45 +0000 (19:59 +0200)
committer Lennart Poettering <lennart@poettering.net>
Fri, 16 Nov 2018 14:52:22 +0000 (15:52 +0100)
diff --git a/src/shared/efivars.c b/src/shared/efivars.c

index 360ef0340084aeaf2cbeb07510eb9e7bf25ce952..fbed9027c10598eefb73fcf0457984fd7ecef303 100644 (file)
--- a/src/shared/efivars.c
+++ b/src/shared/efivars.c
@@ -771,6 +771,16 @@ int efi_loader_get_device_part_uuid(sd_id128_t *u) {
          return 0;
  }
  
+bool efi_loader_entry_name_valid(const char *s) {
+        if (isempty(s))
+                return false;
+
+        if (strlen(s) > FILENAME_MAX) /* Make sure entry names fit in filenames */
+                return false;
+
+        return in_charset(s, ALPHANUMERICAL "-");
+}
+
  int efi_loader_get_entries(char ***ret) {
          _cleanup_free_ char16_t *entries = NULL;
          _cleanup_strv_free_ char **l = NULL;
@@ -789,7 +799,7 @@ int efi_loader_get_entries(char ***ret) {
          /* The variable contains a series of individually NUL terminated UTF-16 strings. */
  
          for (i = 0, start = 0;; i++) {
-                char *decoded;
+                _cleanup_free_ char *decoded = NULL;
                  bool end;
  
                  /* Is this the end of the variable's data? */
@@ -805,9 +815,12 @@ int efi_loader_get_entries(char ***ret) {
                  if (!decoded)
                          return -ENOMEM;
  
-                r = strv_consume(&l, decoded);
-                if (r < 0)
-                        return r;
+                if (efi_loader_entry_name_valid(decoded)) {
+                        r = strv_consume(&l, TAKE_PTR(decoded));
+                        if (r < 0)
+                                return r;
+                } else
+                        log_debug("Ignoring invalid loader entry '%s'.", decoded);
  
                  /* We reached the end of the variable */
                  if (end)
diff --git a/src/shared/efivars.h b/src/shared/efivars.h

index 51ecf6a27978668edd41167f326d4b00a15f31d0..92670c82c7d9c2aa5a59c248178f3071b6b14d9c 100644 (file)
--- a/src/shared/efivars.h
+++ b/src/shared/efivars.h
@@ -50,6 +50,8 @@ int efi_loader_get_boot_usec(usec_t *firmware, usec_t *loader);
  
  int efi_loader_get_entries(char ***ret);
  
+bool efi_loader_entry_name_valid(const char *s);
+
  int efi_loader_get_features(uint64_t *ret);
  
  #else
author	Lennart Poettering <lennart@poettering.net>
	Mon, 22 Oct 2018 17:59:45 +0000 (19:59 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Fri, 16 Nov 2018 14:52:22 +0000 (15:52 +0100)
src/shared/efivars.c		patch \| blob \| blame \| history
src/shared/efivars.h		patch \| blob \| blame \| history