If the following entries are made into /boot/loader.conf: test_directive_a="test a" # This is test_directive_a test_directive_b="test b" # This is "test_directive_b" test_directive_c="test c" # This is 'test_directive_b' then the middle comment will not appear in the kernel environment.
So the problem is that the lua parser in /boot/lua/config.lua is splitting the line on the '=', sending the first match to the key and the second to the value. In the problem case, the value is: '"test b" # This is "test_directive_b"' Then the value gets matched against QVALEXPR = '"(.*)"'. This cleans up the value by removing the first and last '"', but in this case turns it into: test b" # This is "test_directive_b which then gets rejected in processEnvVar() with MSG_FAILSYN_QUOTE, since values aren't allowed to contain '"'. Changing QVALEXPR to '([-%w_]+)' fixes this problem. Since the value is explicitly prevented from containing quotes, it's not unreasonable to load it from an expression that excludes them. The only other place this is used is in the 'exec="command"' expression, which also should not contain '"' in the command value. A patch is attached.
Created attachment 235527 [details] Prevent '"' from being incorporated into name="value" pairs in /boot/loader.conf
Created attachment 235528 [details] Prevent '"' from being incorporated into name="value" pairs in /boot/loader.conf
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=b39f500e6ac8404aa0acdc025bd12829e881fcd1 commit b39f500e6ac8404aa0acdc025bd12829e881fcd1 Author: Cyrus Rahman <crahman@gmail.com> AuthorDate: 2025-03-16 14:44:57 +0000 Commit: Warner Losh <imp@FreeBSD.org> CommitDate: 2025-03-16 14:46:57 +0000 stand: lines with comments a '"' in loader.conf are ignored So the problem is that the lua parser in /boot/lua/config.lua is splitting the line on the '=', sending the first match to the key and the second to the value. In the problem case, the value is: '"test b" # This is "test_directive_b"' Then the value gets matched against QVALEXPR = '"(.*)"'. This cleans up the value by removing the first and last '"', but in this case turns it into: test b" # This is "test_directive_b which then gets rejected in processEnvVar() with MSG_FAILSYN_QUOTE, since values aren't allowed to contain '"'. Changing QVALEXPR to '([-%w_]+)' fixes this problem. Since the value is explicitly prevented from containing quotes, it's not unreasonable to load it from an expression that excludes them. The only other place this is used is in the 'exec="command"' expression, which also should not contain '"' in the command value. PR: 265001 Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D35975 stand/lua/config.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)