-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixing kernel commandline parameter validation #148
base: main
Are you sure you want to change the base?
Conversation
Heyo, thanks for the contribution. Just a few questions, mainly for my own understanding since I couldn't find the answer in the linux docs >.> What would happen if the value passed looks like From a usability perspective, would it make sense to instead detect if the value the user passes us contains spaces, and add the quotes for them (with maybe some escaping logic for quotes already in the string, although I'm not sure the linux command line allows for escaping them). |
Only double quotes are allowed. You can't escape " in the value, your example string is invalid.
Maybe a good idea. |
I see, thanks for explaining! In that case, we should also validate that no quotes are contained in the middle of values, e.g.
If we don't have to deal with any complex escaping logic, I think we should do this. Unless I'm missing something, it'd just be
What do others think? |
Thanks @ita93 and @roypat for getting involved into this! I do agree with the first 2 points (for point 2, we even have a function here that could help us with the implementation). Also, what happens if we receive a parameter's value like |
I think that we should follow the purpose of the original function - validating the input, that is all.
As my understanding, this input may still generate a valid kernel commandline, however, the |
e2610af
to
9db1c32
Compare
9db1c32
to
c085ab6
Compare
According to linux kernel document, the value of command line parameter can contains spaces (with double quotes) or equals. Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
c085ab6
to
db4d7a4
Compare
There is no activity on this PR for some time, @ita93 are you still interested in getting this merged? If not, can you please close the PR? |
Sorry for the late reply, I'm still interested in this one. I will try posting it in Slack to ask for a reviewing |
According to linux kernel document, the value of command line parameter can contains spaces (with double quotes) or equals.
Summary of the PR
Please summarize here why the changes in this PR are needed.
Requirements
Before submitting your PR, please make sure you addressed the following
requirements:
git commit -s
), and the commitmessage has max 60 characters for the summary and max 75 characters for each
description line.
test.
Release" section of CHANGELOG.md (if no such section exists, please create one).
unsafe
code is properly documented.