bootctl: be more careful when opening arbitrary files from ESP
authorLennart Poettering <lennart@poettering.net>
Fri, 20 Jun 2025 11:59:04 +0000 (13:59 +0200)
committerLuca Boccassi <luca.boccassi@gmail.com>
Wed, 25 Jun 2025 17:17:42 +0000 (18:17 +0100)
Let's refuse all kinds of weird stuff early.

As suggested here: https://github.com/systemd/systemd/pull/30418#pullrequestreview-2128220792

(cherry picked from commit 95df8288c7dff8a95b86d48787ad03ae9bd5f5ed)
(cherry picked from commit 5b68d2a003b4708b113087261dcb3f4604dfc9f0)

src/boot/bootctl-install.c

index 44fc816a4c094a71740b87e939b4e8887c560744..4cff2a9c087f3bfe9dfac47fdf0b25d654becfc6 100644 (file)
@@ -337,9 +337,9 @@ static int update_efi_boot_binaries(const char *esp_path, const char *source_pat
                 if (!endswith_no_case(de->d_name, ".efi"))
                         continue;
 
-                fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
+                fd = xopenat_full(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY|O_NOFOLLOW, /* xopen_flags= */ 0, /* mode= */ 0);
                 if (fd < 0)
-                        return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
+                        return log_error_errno(fd, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
 
                 r = get_file_version(fd, &v);
                 if (r == -ESRCH)
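Review bot: The new open in update_efi_boot_binaries() refuses a symlink as the final path component, but with `/* xopen_flags= */ 0` a directory, FIFO or device node whose name ends in `.efi` is still opened and handed to get_file_version(); the same applies to the identical call in remove_boot_efi(). O_NONBLOCK and O_NOCTTY only keep the open itself from blocking or acquiring a controlling terminal, they do not restrict the file type. If the intent is to accept regular files only, add a check right after the open, e.g. `r = fd_verify_regular(fd);` followed by `if (r < 0) return log_error_errno(r, "\"%s/%s\" is not a regular file: %m", p, de->d_name);`, or pass a regular-file flag to xopenat_full() if this branch provides one. The loop and the declarations of `d`, `p` and `fd` lie outside the hunk, so whether a later step already verifies the type cannot be seen here.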
@@ -889,9 +889,9 @@ static int remove_boot_efi(const char *esp_path) {
                 if (!endswith_no_case(de->d_name, ".efi"))
                         continue;
 
-                fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
+                fd = xopenat_full(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY|O_NOFOLLOW, /* xopen_flags= */ 0, /* mode= */ 0);
                 if (fd < 0)
-                        return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
+                        return log_error_errno(fd, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
 
                 r = get_file_version(fd, &v);
                 if (r == -ESRCH)
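Review bot: The five-flag xopenat_full() call and its error message in remove_boot_efi() are a verbatim duplicate of the ones in update_efi_boot_binaries(), so any later hardening has to be applied in two places and the two can drift apart. A small static helper taking the directory fd, the directory path and the entry name would keep the flag set in one place. At minimum, a comment above each call such as `/* ESP content is untrusted: never follow symlinks, never block, never acquire a tty */` would record why each flag is there. The surrounding loop starts and ends outside the hunk.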