proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-08-13 03:51:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Only accept application/x-xz compression for the metadata payload

Browse Source 
Fixes some of https://github.com/fwupd/fwupd/issues/5553
This commit is contained in:
Richard Hughes 2023-02-19 19:17:13 +00:00 committed by Mario Limonciello
parent 68539273d2
commit cdd30731b6
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/fu-engine.c
View File

@ -4946,6 +4946,7 @@ fu_engine_update_metadata_bytes(FuEngine *self,
FwupdKeyringKind keyring_kind;
FwupdRemote *remote;
JcatVerifyFlags jcat_flags = JCAT_VERIFY_FLAG_REQUIRE_SIGNATURE;
g_autofree gchar *content_type = NULL;
g_autoptr(JcatFile) jcat_file = jcat_file_new();
g_return_val_if_fail(FU_IS_ENGINE(self), FALSE);
@ -4973,6 +4974,20 @@ fu_engine_update_metadata_bytes(FuEngine *self,
return FALSE;
}
/* check for xz payload */
content_type = g_content_type_guess(NULL,
(const guchar *)g_bytes_get_data(bytes_raw, NULL),
g_bytes_get_size(bytes_raw),
NULL);
if (content_type != NULL && g_strcmp0(content_type, "application/x-xz") != 0) {
g_set_error(error,
FWUPD_ERROR,
FWUPD_ERROR_NOT_SUPPORTED,
"only application/x-xz payload supported, got %s",
content_type);
return FALSE;
}
/* verify JCatFile, or create a dummy one from legacy data */
keyring_kind = fwupd_remote_get_keyring_kind(remote);
if (keyring_kind == FWUPD_KEYRING_KIND_JCAT) {