Overview

File 0009-blsuki-conservative-UTF-8-buffer-size.patch of Package grub2

From a5b58fdf1f775f12c7560603d729f0415f47a4c1 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Wed, 1 Apr 2026 12:44:29 +0200
Subject: [PATCH 9/9] blsuki: conservative UTF-8 buffer size

To be on safe side, use GRUB_MAX_UTF8_PER_UTF16 as UTF-8 for non ascii
characters can be up to 4 bytes.
---
 grub-core/commands/blsuki.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/grub-core/commands/blsuki.c b/grub-core/commands/blsuki.c
index 298f04a98..adc87207e 100644
--- a/grub-core/commands/blsuki.c
+++ b/grub-core/commands/blsuki.c
@@ -1516,11 +1516,30 @@ set_bli_loader_entries (enum blsuki_cmd_type cmd_type)
 	  if (prev_entries_size != 0 && prev_entries)
 	    {
 	      do {
+		grub_size_t prev_entry_size;
+
 		tmp16 = prev_entries;
 		len16 = 0;
 		while (*tmp16++ != '\0')
 		    len16++;
-		prev_entry = grub_malloc (len16 + 1);
+
+		if (grub_mul (len16, GRUB_MAX_UTF8_PER_UTF16, &prev_entry_size) ||
+		    grub_add (prev_entry_size, 1, &prev_entry_size))
+		  {
+		    grub_free (prev_entries_start);
+		    grub_free (efi_entries);
+		    return grub_error (GRUB_ERR_OUT_OF_RANGE,
+				       "LoaderEntries entry is too large");
+		  }
+
+		prev_entry = grub_malloc (prev_entry_size);
+		if (prev_entry == NULL)
+		  {
+		    grub_free (prev_entries_start);
+		    grub_free (efi_entries);
+		    return grub_errno;
+		  }
+
 		*grub_utf16_to_utf8 ((grub_uint8_t*) prev_entry, prev_entries, len16) = '\0';
 		rc = filevercmp (prev_entry, entry->filename);
 		if (rc == 0)
-- 
2.53.0
openSUSE Build Service is sponsored by
Places