From d3a0cce466407e2b03e3066acfdebddc1aa9b465 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Fri, 13 Mar 2026 16:17:05 +0000
Subject: util/nvmutil: check gbe file size before write

re-check. very unlikely since the program doesn't run
for very long, but we have to check if the file has
changed. this is a basic check of file size.

we could probably check the contents too, but that
would be overkill.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'util/nvmutil')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index efedb07d..c6e25ce7 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -135,6 +135,11 @@ CFLAGS += -fstack-protector-strong
 CFLAGS += -fno-common
 CFLAGS += -D_FORTIFY_SOURCE=2
 CFLAGS += -fPIE
+
+also consider:
+-fstack-clash-protection
+-Wl,-z,relro
+-Wl,-z,now
 */
 
 #ifndef _XOPEN_SOURCE
@@ -1353,6 +1358,8 @@ gbe_cat_buf(uint8_t *b)
 static void
 write_gbe_file(void)
 {
+	struct stat gbe_st;
+
 	size_t p;
 	size_t partnum;
 	uint8_t update_checksum;
@@ -1363,6 +1370,12 @@ write_gbe_file(void)
 	update_checksum = command[cmd_index].chksum_write;
 
 	override_part_modified();
+	
+	if (fstat(gbe_fd, &gbe_st) == -1)
+		err(errno, "%s: re-check", fname);
+
+	if (gbe_st.st_size != gbe_file_size)
+		err(errno, "%s: file size changed before write", fname);
 
 	for (p = 0; p < 2; p++) {
 		partnum = p ^ command[cmd_index].invert;
-- 
cgit v1.2.1