Merge pull request #25791 from keszybz/ukify-check-inputs

ukify: check inputs
2024-10-15 12:34:37 +00:00 · 2022-12-22 12:10:32 +01:00 · 2022-12-22 12:10:32 +01:00 · 27ce258c54
parent 9c29d87bee 095ff238d0
commit 27ce258c54
1 changed files with 29 additions and 7 deletions
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@ -64,6 +64,15 @@ def shell_join(cmd):
    return ' '.join(shlex.quote(str(x)) for x in cmd)


+def path_is_readable(s: str | None) -> pathlib.Path | None:
+    """Convert a filename string to a Path and verify access."""
+    if s is None:
+        return None
+    p = pathlib.Path(s)
+    p.open().close()
+    return p
+
+
 def pe_executable_size(filename):
    import pefile

@ -161,7 +170,10 @@ class Uname:
        ]

        print('+', shell_join(cmd))
-        notes = subprocess.check_output(cmd, text=True)
+        try:
+            notes = subprocess.check_output(cmd, stderr=subprocess.PIPE, text=True)
+        except subprocess.CalledProcessError as e:
+            raise ValueError(e.stderr.strip()) from e

        if not (m := re.search(cls.NOTES_PATTERN, notes, re.MULTILINE)):
            raise ValueError('Cannot find Linux version note')
@ -672,26 +684,36 @@ usage: ukify [options…] linux initrd…

    opts = p.parse_args(args)

+    path_is_readable(opts.linux)
+    for initrd in opts.initrd or ():
+        path_is_readable(initrd)
+    path_is_readable(opts.devicetree)
+    path_is_readable(opts.pcrpkey)
+    for key in opts.pcr_private_keys or ():
+        path_is_readable(key)
+    for key in opts.pcr_public_keys or ():
+        path_is_readable(key)
+
    if opts.cmdline and opts.cmdline.startswith('@'):
-        opts.cmdline = pathlib.Path(opts.cmdline[1:])
+        opts.cmdline = path_is_readable(opts.cmdline[1:])

    if opts.os_release is not None and opts.os_release.startswith('@'):
-        opts.os_release = pathlib.Path(opts.os_release[1:])
+        opts.os_release = path_is_readable(opts.os_release[1:])
    elif opts.os_release is None:
        p = pathlib.Path('/etc/os-release')
        if not p.exists():
-            p = pathlib.Path('/usr/lib/os-release')
+            p = path_is_readable('/usr/lib/os-release')
        opts.os_release = p

    if opts.efi_arch is None:
        opts.efi_arch = guess_efi_arch()

    if opts.stub is None:
-        opts.stub = f'/usr/lib/systemd/boot/efi/linux{opts.efi_arch}.efi.stub'
+        opts.stub = path_is_readable(f'/usr/lib/systemd/boot/efi/linux{opts.efi_arch}.efi.stub')

    if opts.signing_engine is None:
-        opts.sb_key = pathlib.Path(opts.sb_key) if opts.sb_key else None
-        opts.sb_cert = pathlib.Path(opts.sb_cert) if opts.sb_cert else None
+        opts.sb_key = path_is_readable(opts.sb_key) if opts.sb_key else None
+        opts.sb_cert = path_is_readable(opts.sb_cert) if opts.sb_cert else None

    if bool(opts.sb_key) ^ bool(opts.sb_cert):
        raise ValueError('--secureboot-private-key= and --secureboot-certificate= must be specified together')