bootctl: safety check for regular file when reading EFI images

author: Lennart Poettering <lennart@poettering.net> 2019-01-28 17:33:08 +0100
committer: Lennart Poettering <lennart@poettering.net> 2019-03-01 12:41:32 +0100
commit: c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83 (patch)
tree: bceb46de2135a2cdacd4ed0e7446dc77c46f066a /src
parent: bootctl: use SYNTHETIC_ERRNO() where appropriate (diff)
download: systemd-c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83.tar.xz
systemd-c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index 1dbe00adb6..2424aa011f 100644
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -96,6 +96,10 @@ static int get_file_version(int fd, char **v) {
         if (fstat(fd, &st) < 0)
                 return log_error_errno(errno, "Failed to stat EFI binary: %m");
 
+        r = stat_verify_regular(&st);
+        if (r < 0)
+                return log_error_errno(errno, "EFI binary is not a regular file: %m");
+
         if (st.st_size < 27) {
                 *v = NULL;
                 return 0;
author	Lennart Poettering <lennart@poettering.net>	2019-01-28 17:33:08 +0100
committer	Lennart Poettering <lennart@poettering.net>	2019-03-01 12:41:32 +0100
commit	c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83 (patch)
tree	bceb46de2135a2cdacd4ed0e7446dc77c46f066a /src
parent	bootctl: use SYNTHETIC_ERRNO() where appropriate (diff)
download	systemd-c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83.tar.xz systemd-c4ba5b516d03ec0973b5c4ad58e2735d96b1bd83.zip