Commit 84156d6
committed
kargs: Fix crash on quoted values in /proc/cmdline
ostree_kernel_args_append_proc_cmdline() crashes with SIGABRT when
/proc/cmdline contains quoted kernel arguments with spaces (e.g.
"testparam=value with spaces"). This was reported by Arch Linux
maintainers when building ostree 2026.1 and reproduced on 2025.7.
Root cause: commit abc7d5b ("kargs: parse spaces in kargs input and
keep quotes", March 2024) added split_kernel_args(), a quote-aware
string splitter, and updated ostree_kernel_args_append() and three
other functions to use it. However, it did not update
ostree_kernel_args_append_proc_cmdline(), which still used a naive
g_strsplit(" ") to tokenize /proc/cmdline. When the cmdline contained
quoted values with spaces, g_strsplit broke them into fragments with
unterminated quotes. These fragments were then passed to
ostree_kernel_args_append() -> split_kernel_args(), which hit a
g_assert_false(quoted) and aborted.
The bug was latent since v2024.5 because the test-admin-deploy-karg.sh
and test-admin-instutil-set-kargs.sh tests read the real /proc/cmdline
from the build host. CI environments never had quoted values in their
cmdline, so the crash never triggered. The Arch build server recently
acquired a quoted value (likely from a kernel or GRUB config change),
exposing the bug.
Additionally, bootloaders may reformat quotes: what rpm-ostree stores
as testparam="value with spaces" appears in /proc/cmdline as
"testparam=value with spaces" (GRUB wraps the entire token in quotes
instead of just the value).
Fix this with two changes:
1. Replace g_strsplit() with split_kernel_args() in
ostree_kernel_args_append_proc_cmdline() so the initial tokenization
of /proc/cmdline is quote-aware. Individual args passed to
ostree_kernel_args_append() are now already properly split.
2. Replace g_assert_false(quoted) in split_kernel_args() with a
g_debug() warning that continues execution, treating the remainder
as a single token. Since we cannot control what bootloaders put in
/proc/cmdline, a hard abort on unterminated quotes is never
appropriate.
Add a unit test (test_kargs_quoted_cmdline) covering standard quoted
values, GRUB-reformatted quoting, and multiple quoted args. Add a kola
destructive test (kargs-proc-cmdline-quoted.sh) that injects a quoted
karg via rpm-ostree, reboots, and verifies --karg-proc-cmdline and
--import-proc-cmdline succeed without crashing.
Assisted-by: OpenCode (Claude claude-opus-4-6)
Signed-off-by: Joseph Marrero Corchado <jmarrero@redhat.com>1 parent 1d2b902 commit 84156d6
3 files changed
Lines changed: 101 additions & 9 deletions
File tree
- src/libostree
- tests
- kolainst/destructive
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
188 | 188 | | |
189 | 189 | | |
190 | 190 | | |
191 | | - | |
192 | | - | |
193 | | - | |
194 | | - | |
195 | | - | |
196 | | - | |
197 | | - | |
198 | | - | |
| 191 | + | |
| 192 | + | |
| 193 | + | |
| 194 | + | |
| 195 | + | |
| 196 | + | |
199 | 197 | | |
200 | 198 | | |
201 | 199 | | |
| |||
681 | 679 | | |
682 | 680 | | |
683 | 681 | | |
684 | | - | |
| 682 | + | |
685 | 683 | | |
686 | 684 | | |
687 | 685 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
278 | 278 | | |
279 | 279 | | |
280 | 280 | | |
| 281 | + | |
| 282 | + | |
| 283 | + | |
| 284 | + | |
| 285 | + | |
| 286 | + | |
| 287 | + | |
| 288 | + | |
| 289 | + | |
| 290 | + | |
| 291 | + | |
| 292 | + | |
| 293 | + | |
| 294 | + | |
| 295 | + | |
| 296 | + | |
| 297 | + | |
| 298 | + | |
| 299 | + | |
| 300 | + | |
| 301 | + | |
| 302 | + | |
| 303 | + | |
| 304 | + | |
| 305 | + | |
| 306 | + | |
| 307 | + | |
| 308 | + | |
| 309 | + | |
| 310 | + | |
| 311 | + | |
| 312 | + | |
| 313 | + | |
| 314 | + | |
| 315 | + | |
| 316 | + | |
| 317 | + | |
| 318 | + | |
| 319 | + | |
| 320 | + | |
| 321 | + | |
| 322 | + | |
| 323 | + | |
| 324 | + | |
| 325 | + | |
| 326 | + | |
| 327 | + | |
| 328 | + | |
| 329 | + | |
281 | 330 | | |
282 | 331 | | |
283 | 332 | | |
| |||
286 | 335 | | |
287 | 336 | | |
288 | 337 | | |
| 338 | + | |
289 | 339 | | |
290 | 340 | | |
0 commit comments