From 40cb2aa4f81b6b2af198f7c645abbf4f549c0f2e Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 13 Nov 2025 12:33:12 +0100
Subject: [PATCH] efivars: validate we are actually talking about a regular
 file

We already have the stat data, let's actually check if things are
alright before relying on .st_size
---
 src/basic/efivars.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/basic/efivars.c b/src/basic/efivars.c
index c50983bdfc..f40c8a09e0 100644
--- a/src/basic/efivars.c
+++ b/src/basic/efivars.c
@@ -14,6 +14,7 @@
 #include "io-util.h"
 #include "log.h"
 #include "memory-util.h"
+#include "stat-util.h"
 #include "string-util.h"
 #include "time-util.h"
 #include "utf8.h"
@@ -32,6 +33,7 @@ int efi_get_variable(
                 void **ret_value,
                 size_t *ret_size) {
 
+        int r;
         usec_t begin = 0; /* Unnecessary initialization to appease gcc */
 
         assert(variable);
@@ -66,6 +68,10 @@ int efi_get_variable(
 
                 if (fstat(fd, &st) < 0)
                         return log_debug_errno(errno, "fstat(\"%s\") failed: %m", p);
+                r = stat_verify_regular(&st);
+                if (r < 0)
+                        return log_debug_errno(r, "EFI variable '%s' is not a regular file, refusing: %m", p);
+
                 if (st.st_size == 0) /* for uncommited variables, see below */
                         return log_debug_errno(SYNTHETIC_ERRNO(ENOENT), "EFI variable '%s' is uncommitted", p);
                 if ((uint64_t) st.st_size < sizeof(attr))