[Bug 265001] loader: Comments in loader.conf ignored if they contain '"'

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 28 Jul 2022 12:26:38 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265001

--- Comment #1 from crahman@gmail.com ---
So the problem is that the Lua parser in /boot/lua/config.lua is splitting the
line on the '=', sending the first match to the key and the second to the
value.

In the problem case, the value is:
   '"test b"               # This is "test_directive_b"'

Then the value gets matched against QVALEXPR = '"(.*)"'.

This cleans up the value by removing the first and last '"', but in this case
turns it into:

  test b"               # This is "test_directive_b

which then gets rejected in processEnvVar() with MSG_FAILSYN_QUOTE, since
values aren't allowed to contain '"'.

Changing QVALEXPR to '([-%w_]+)' fixes this problem.  Since the value is
explicitly prevented from containing quotes, it's not unreasonable to load it
from an expression that excludes them.  The only other place this is used is in
the 'exec="command"' expression, which also should not contain '"' in the
command value.

A patch is attached.

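
The greedy capture described in the comment above can be reproduced in plain Lua. This is an added example, not code from /boot/lua/config.lua or from the attached patch; `STRICT_QVAL`, `parse`, `has_stray_quote` and the sample lines are constructed for illustration, and the quote-excluding pattern is an assumed alternative, not the change proposed in the comment.

```lua
-- Added example; not taken from /boot/lua/config.lua.
local QVALEXPR = '"(.*)"'        -- pattern quoted in the comment (greedy)
local STRICT_QVAL = '"([^"]*)"'  -- assumption: capture stops at the next '"'

-- Constructed loader.conf-style lines, modeled on the value in the comment.
local samples = {
	'test_directive_a="test a"',
	'test_directive_b="test b"               # This is "test_directive_b"',
	'test_directive_c="test c"               # plain comment',
}

-- Hypothetical stand-in for the check the comment attributes to
-- processEnvVar(): a value may not contain '"'.
local function has_stray_quote(value)
	return value:find('"', 1, true) ~= nil
end

-- Split on the first '=', then capture the quoted value with valexpr.
local function parse(line, valexpr)
	local key, rest = line:match('^%s*([%w_]+)%s*=%s*(.*)$')
	if not key then
		return nil, nil
	end
	return key, rest:match(valexpr)
end

local patterns = {
	{ name = "greedy", expr = QVALEXPR },
	{ name = "strict", expr = STRICT_QVAL },
}

for _, line in ipairs(samples) do
	for _, p in ipairs(patterns) do
		local key, value = parse(line, p.expr)
		local verdict = "no match"
		if value then
			-- A captured value that still holds '"' is what gets rejected.
			verdict = has_stray_quote(value) and "rejected (stray quote)" or "accepted"
		end
		print(string.format("%-6s %-16s [%s] %s",
			p.name, tostring(key), tostring(value), verdict))
	end
end
```

Only the line whose trailing comment contains '"' is rejected under the greedy pattern, because `.*` runs to the last quote on the line; the same line is accepted when the capture excludes quotes.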