grub2/0110-misc-fix-invalid-character-recongition-in-strto-l.patch
Javier Martinez Canillas e1531466e1
Update to grub 2.04
This change updates grub to the 2.04 release. The new release changed how
grub is built, so the bootstrap and bootstrap.conf files have to be added
to the dist-git. Also, the gitignore file changed so it has to be updated.

Since the patches have been forward ported to 2.04, there's no need for a
logic to maintain a patch with the delta between the release and the grub
master branch. So the release-to-master.patch is dropped and no longer is
updated by the do-rebase script.

Also since gnulib isn't part of the grub repository anymore and cloned by
the bootstrap tool, a gnulib tarball is included as other source file and
copied before calling the bootstrap tool. That way grub can be built even
in builders that only have access to the sources lookaside cache.

Resolves: rhbz#1727279

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2019-08-15 08:04:53 +02:00


From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Aaron Miller <aaronmiller@fb.com>
Date: Fri, 29 Jul 2016 17:41:27 +0800
Subject: [PATCH] misc: fix invalid character recongition in strto*l

Would previously allow digits larger than the base and didn't check that
subtracting the difference from 0-9 to lowercase letters for characters
larger than 9 didn't result in a value lower than 9, which allowed the
parses: ` = 9, _ = 8, ^ = 7, ] = 6, \ = 5, and [ = 4
---
grub-core/kern/misc.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
index 0e89c483d5e..5c3899f0e5b 100644
--- a/grub-core/kern/misc.c
+++ b/grub-core/kern/misc.c
@@ -434,11 +434,14 @@ grub_strtoull (const char *str, char **end, int base)
unsigned long digit;
digit = grub_tolower (*str) - '0';
- if (digit >= 'a' - '0')
- digit += '0' - 'a' + 10;
- else if (digit > 9)
- break;
-
+ if (digit > 9)
+ {
+ digit += '0' - 'a' + 10;
+ /* digit <= 9 check is needed to keep chars larger than
+ '9' but less than 'a' from being read as numbers */
+ if (digit >= (unsigned long) base || digit <= 9)
+ break;
+ }
if (digit >= (unsigned long) base)
break;
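
Review bot: the inner test `digit >= (unsigned long) base` in the new block duplicates the unchanged `if (digit >= (unsigned long) base) break;` that follows it, so `if (digit <= 9) break;` alone would do inside the braces. Going by the removed lines, the old `else if (digit > 9) break;` already stopped on every value from 10 to `'a' - '0' - 1`, which covers the characters listed in the commit message, and the base check was already present as context, so the visible before and after look behaviourally equivalent. A test that feeds "`", "_", "^", "]", "\" and "[" to grub_strtoull and checks that parsing stops would show whether this hunk still changes anything after the forward port. The new comment should also say that characters below '0' and those from ':' to '@' are rejected only because `digit` is unsigned and wraps to a large value after `digit += '0' - 'a' + 10`; that is easy to break if the type of `digit` ever changes.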