The branch main has been updated by dab:
URL:
https://cgit.FreeBSD.org/src/commit/?id=2f35419fb26d1e45850696a8e732a12874bc1078
commit 2f35419fb26d1e45850696a8e732a12874bc1078
Author: Yongbo Yao <yongbo....@dell.com>
AuthorDate: 2025-01-19 16:50:18 +0000
Commit: David Bright <d...@freebsd.org>
CommitDate: 2025-01-19 17:00:26 +0000
stand/efihttp: Add device type check to efihttp_fs_open()
Ensure the open operation targets an HTTP device. Return EINVAL if
not, to prevent potential system crashes when used on other devices.
Differential Revision: https://reviews.freebsd.org/D48439
Reviewed by: dab, imp, vangyzen
Sponsored by: Dell Technologies
---
stand/efi/libefi/efihttp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/stand/efi/libefi/efihttp.c b/stand/efi/libefi/efihttp.c
index bcc0f7e4d79e..fd0ed744047c 100644
--- a/stand/efi/libefi/efihttp.c
+++ b/stand/efi/libefi/efihttp.c
@@ -565,6 +565,8 @@ efihttp_fs_open(const char *path, struct open_file *f)
if (!efihttp_init_done)
return (ENXIO);
+ if (f->f_dev != &efihttp_dev)
+ return (EINVAL);
/*
* If any path fails to open, try with a trailing slash in
* case it's a directory.
