Uefi 20250321 patches

[PULL 3/6] hw/uefi: fix error handling in uefi_vars_json_load

Posted by Gerd Hoffmann 1 week, 5 days ago

Catch lseek errors.  Return on read errors.

Fixes: CID 1593154
Fixes: CID 1593157
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20250319141159.1461621-4-kraxel@redhat.com>
---
 hw/uefi/var-service-json.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/hw/uefi/var-service-json.c b/hw/uefi/var-service-json.c
index f1c20a6b8c1e..ad3462cd1557 100644
--- a/hw/uefi/var-service-json.c
+++ b/hw/uefi/var-service-json.c
@@ -214,7 +214,7 @@ void uefi_vars_json_load(uefi_vars_state *uv, Error **errp)
     QObject *qobj;
     Visitor *v;
     char *str;
-    size_t len;
+    ssize_t len;
     int rc;
 
     if (uv->jsonfd == -1) {
@@ -222,7 +222,12 @@ void uefi_vars_json_load(uefi_vars_state *uv, Error **errp)
     }
 
     len = lseek(uv->jsonfd, 0, SEEK_END);
+    if (len < 0) {
+        warn_report("%s: lseek error", __func__);
+        return;
+    }
     if (len == 0) {
+        /* empty file */
         return;
     }
 
@@ -231,6 +236,8 @@ void uefi_vars_json_load(uefi_vars_state *uv, Error **errp)
     rc = read(uv->jsonfd, str, len);
     if (rc != len) {
         warn_report("%s: read error", __func__);
+        g_free(str);
+        return;
     }
     str[len] = 0;
 
-- 
2.49.0

[PULL 1/6] hw/uefi: flush variable store to disk in post load
[PULL 2/6] hw/uefi: fix error handling in uefi_vars_json_save
[PULL 3/6] hw/uefi: fix error handling in uefi_vars_json_load
[PULL 4/6] hw/uefi-vars-sysbus: allow for riscv virt
[PULL 5/6] hw/uefi-vars-sysbus: allow for loongarch virt
[PULL 6/6] docs/firmware: add feature flag for host uefi variable store