From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1oRNh1-0008Fp-CS
	for mharc-grub-devel@gnu.org; Thu, 25 Aug 2022 20:59:27 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:55342)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1oRNgw-0008DF-C4
 for grub-devel@gnu.org; Thu, 25 Aug 2022 20:59:22 -0400
Received: from mail-qk1-x72f.google.com ([2607:f8b0:4864:20::72f]:35665)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1oRNgu-00027L-Qj
 for grub-devel@gnu.org; Thu, 25 Aug 2022 20:59:22 -0400
Received: by mail-qk1-x72f.google.com with SMTP id b9so120204qka.2
 for <grub-devel@gnu.org>; Thu, 25 Aug 2022 17:59:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=efficientek-com.20210112.gappssmtp.com; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc;
 bh=ri8Jm70BWwt6e8/AhWcHYWS94AqB9LFl8KZzpN1eRM4=;
 b=uZjweLyOH/8U7tiHRYZ9LVpB4wI5y10AVPH+3BaGahuPAfMyGHt5cE3fKekQIX3anz
 RyaOLHJMFNGJJB3IX22HBH5U6NIArp29rQWothfqjCqXQe8Z3JvrPrAmp/edBzQIYUy9
 4GZKKZNYwznENATi0xiR8TmO0vjA3m1VRgmzSQ0IXjwecc0hn50fJGFJYwKQr/HIx2uN
 1oSapZWOTWTcQc66AlqTNOBl/EJx8rdC3keVzj7X08rFrSRi1534YxvaojqdLKtdBdYW
 nNDM77GN+NHgwz0E8afAEv0NgUoOVRotlqN86eDsQSRxinESNJVJ0Hbd2/mQYPEcxy0L
 S3LA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc;
 bh=ri8Jm70BWwt6e8/AhWcHYWS94AqB9LFl8KZzpN1eRM4=;
 b=SSQLghjX3OuUAGXBQfvq6FMSZS9ZM52HUtLV8/wQGUIyQqXkEfOzyvhsMn5StGGQpe
 ExbPskxOPXOtGqOD1ZegJRGqToL0ljEFDRqd16uSXCRRYxL0KjYSFWo2tLGzZ0dG5S6W
 wema1oGQzPXhKJZwJLO67dDRny22sP6p/rCd0+QjaKxCssITg9SVlw3Sm2ojyKJJm5BR
 YXUJAKajbRynDQbhujEdPX77DSyiOFuvaCM+5/dncFq6v54tUGgZS8mJDfPSeGBo5Fhq
 c9a7oZJBrmTKS1NPxnDMoP7V0KvNHs4zwf1b6cOD8dU6lf3MsZ/i9P2N9z1bI4McLFP+
 PmBA==
X-Gm-Message-State: ACgBeo01vMCa69GN3oPZCmWAkTr9fjbgafx+ACeQs2YS00QuCuVDLiZK
 yyZkmdBpEg+yqML5GdUoocmPYZzFjw+I0A==
X-Google-Smtp-Source: AA6agR5etRMYVD3wsexO6HA2el7qOgcXYg+datXlenjiFwuA5aq0fFvvT8GtvJFcFgXhu7qGEP3lnA==
X-Received: by 2002:a37:347:0:b0:6bb:e4e5:de57 with SMTP id
 68-20020a370347000000b006bbe4e5de57mr4957694qkd.123.1661475559482; 
 Thu, 25 Aug 2022 17:59:19 -0700 (PDT)
Received: from localhost.localdomain ([37.218.244.249])
 by smtp.gmail.com with ESMTPSA id
 z2-20020ac87ca2000000b00342f8143599sm342315qtv.13.2022.08.25.17.59.18
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 25 Aug 2022 17:59:19 -0700 (PDT)
From: Glenn Washburn <development@efficientek.com>
To: grub-devel@gnu.org,
	Daniel Kiper <dkiper@net-space.pl>
Cc: Li Gen <ligenlive@gmail.com>, Glenn Washburn <development@efficientek.com>
Subject: [PATCH] read: Fix overflow in grub_getline()
Date: Thu, 25 Aug 2022 19:59:09 -0500
Message-Id: <20220826005909.360621-1-development@efficientek.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::72f;
 envelope-from=development@efficientek.com; helo=mail-qk1-x72f.google.com
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Aug 2022 00:59:22 -0000

From: Li Gen <ligenlive@gmail.com>

Store returned value from grub_getkey() in int instead of char to
prevent throwing away the extended bits. This was a problem because,
for instance, the left arrow key press would return
(GRUB_TERM_EXTENDED | 0x4b), which would have the GRUB_TERM_EXTENDED
thrown away leaving 0x4b or 'K'. These extended keys should either
work as intended or do nothing. This change has them do nothing, instead
of inserting a key not pressed by the user.

Signed-off-by: Li Gen <ligenlive@gmail.com>
Signed-off-by: Glenn Washburn <development@efficientek.com>
---
 grub-core/commands/read.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/grub-core/commands/read.c b/grub-core/commands/read.c
index c2969ccda4..597c907065 100644
--- a/grub-core/commands/read.c
+++ b/grub-core/commands/read.c
@@ -40,7 +40,7 @@ grub_getline (int silent)
   int i;
   char *line;
   char *tmp;
-  char c;
+  int c;
 
   i = 0;
   line = grub_malloc (1 + i + sizeof('\0'));
@@ -53,8 +53,11 @@ grub_getline (int silent)
       if ((c == '\n') || (c == '\r'))
 	break;
 
-      line[i] = c;
-      if (!silent && grub_isprint (c))
+      if (!grub_isprint (c))
+	continue;
+
+      line[i] = (char) c;
+      if (!silent)
 	grub_printf ("%c", c);
       i++;
       tmp = grub_realloc (line, 1 + i + sizeof('\0'));
-- 
2.34.1