From 0bfd0d47fcee314aa2f3346d1a322e9bcc7a750b Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Thu, 12 Mar 2026 16:52:11 +0000
Subject: [PATCH 01/18] Make some functions static

Not used outside of the program.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 1bf53a261..6e36c193a 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -21,7 +21,7 @@ struct sbat_revocation {
 
 static sbat_revocation *revlisthead;
 
-int
+static int
 readfile(char *SbatLevel_Variable)
 {
 	FILE *varfilep;
@@ -93,7 +93,7 @@ readfile(char *SbatLevel_Variable)
 	return ret;
 }
 
-int
+static int
 writefile()
 {
 	int epochfound = 0;

From 67c05bb5ec1f1f7d679be60f34b4108901b4958b Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Thu, 12 Mar 2026 16:54:26 +0000
Subject: [PATCH 02/18] Constify some variables

They should not be changed.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 6e36c193a..6892eb4ea 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -22,7 +22,7 @@ struct sbat_revocation {
 static sbat_revocation *revlisthead;
 
 static int
-readfile(char *SbatLevel_Variable)
+readfile(const char *SbatLevel_Variable)
 {
 	FILE *varfilep;
 	char line[1024];
@@ -100,8 +100,8 @@ writefile()
 	int epochdate = 2021030218;
 	int latestdate = 0;
 
-	sbat_revocation *revlistentry;
-	sbat_revocation *latest_revlistentry = NULL;
+	const sbat_revocation *revlistentry;
+	const sbat_revocation *latest_revlistentry = NULL;
 
 	revlistentry = revlisthead;
 

From 7a75d4ccb41bdaf4c90a65cee870e482edb4066f Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Thu, 12 Mar 2026 16:56:49 +0000
Subject: [PATCH 03/18] Fix readfile error check

The function was always returning true (!= 0), make it returns 0
on success like writefile function.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 6892eb4ea..89b59197c 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -76,7 +76,7 @@ readfile(const char *SbatLevel_Variable)
 		}
 	}
 
-	ret = 1;
+	ret = 0;
 err:
 	if (ret < 0 && revlisthead) {
 		sbat_revocation *rle = revlisthead;
@@ -167,7 +167,6 @@ main(int argc, char *argv[])
 		snprintf(SbatLevel_Variable, 2048, "SbatLevel_Variable.txt");
 
 	if (readfile(SbatLevel_Variable))
-		return writefile();
-	else
 		return -1;
+	return writefile();
 }

From 25381a52f1613023eee2d322ddb74b0e5c7f6969 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:38:44 +0000
Subject: [PATCH 04/18] Factor out and reuse function to clear revocation list

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 89b59197c..6d2b0dd5e 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -21,6 +21,19 @@ struct sbat_revocation {
 
 static sbat_revocation *revlisthead;
 
+static void
+free_revocation_list(void)
+{
+	sbat_revocation *rle = revlisthead;
+	while (rle) {
+		sbat_revocation *next = rle->next;
+		free(rle->revocations);
+		free(rle);
+		rle = next;
+	}
+	revlisthead = NULL;
+}
+
 static int
 readfile(const char *SbatLevel_Variable)
 {
@@ -34,7 +47,7 @@ readfile(const char *SbatLevel_Variable)
 	sbat_revocation *revlistlast = NULL;
 	sbat_revocation *revlistentry = NULL;
 
-	revlisthead = NULL;
+	free_revocation_list();
 
 	varfilep = fopen(SbatLevel_Variable, "r");
 	if (varfilep == NULL)
@@ -78,17 +91,8 @@ readfile(const char *SbatLevel_Variable)
 
 	ret = 0;
 err:
-	if (ret < 0 && revlisthead) {
-		sbat_revocation *rle = revlisthead;
-		while (rle) {
-			sbat_revocation *next = rle->next;
-			if (rle->revocations)
-				free(rle->revocations);
-			free(rle);
-			rle = next;
-		}
-		revlisthead = NULL;
-	}
+	if (ret < 0)
+		free_revocation_list();
 	fclose(varfilep);
 	return ret;
 }

From 508c9e7e8197a3c46f544510dc19185aadd72728 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:39:57 +0000
Subject: [PATCH 05/18] Use tabs for indentation

The rest of the file use tabs.
Just style change.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 6d2b0dd5e..7dc54362a 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -142,8 +142,8 @@ writefile()
 	       "#endif /* SBAT_AUTOMATIC_DATE == */\n\n"
 	       "#define SBAT_VAR_AUTOMATIC_DATE QUOTEVAL(SBAT_AUTOMATIC_DATE)\n"
 	       "#define SBAT_VAR_AUTOMATIC \\\n"
-               "	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_AUTOMATIC_DATE \"\\n\" \\\n"
-               "	SBAT_VAR_AUTOMATIC_REVOCATIONS\n\n");
+	       "	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_AUTOMATIC_DATE \"\\n\" \\\n"
+	       "	SBAT_VAR_AUTOMATIC_REVOCATIONS\n\n");
 
 	printf("#define SBAT_VAR_LATEST_DATE \"%d\"\n"
 	       "#define SBAT_VAR_LATEST_REVOCATIONS \"%s\"\n",
@@ -151,8 +151,8 @@ writefile()
 	       latest_revlistentry->revocations);
 
 	printf("#define SBAT_VAR_LATEST \\\n"
-               "	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE \"\\n\" \\\n"
-               "	SBAT_VAR_LATEST_REVOCATIONS\n\n"
+	       "	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE \"\\n\" \\\n"
+	       "	SBAT_VAR_LATEST_REVOCATIONS\n\n"
 	       "#endif /* !ENABLE_SHIM_DEVEL */\n"
 	       "#endif /* !GEN_SBAT_VAR_DEFS_H_ */\n");
 

From b702964863d7ee1950e4ca34574863a5f9960671 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:41:23 +0000
Subject: [PATCH 06/18] Use bool for epochfound

More readable.
Just style change.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 7dc54362a..7fc14c021 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -9,6 +9,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdbool.h>
 #include <string.h>
 
 typedef struct sbat_revocation sbat_revocation;
@@ -100,7 +101,7 @@ readfile(const char *SbatLevel_Variable)
 static int
 writefile()
 {
-	int epochfound = 0;
+	bool epochfound = false;
 	int epochdate = 2021030218;
 	int latestdate = 0;
 
@@ -120,8 +121,8 @@ writefile()
 			       "#if SBAT_AUTOMATIC_DATE == %d\n"
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS\n",
 			       revlistentry->date);
-			epochfound = 1;
-		} else if (epochfound == 1) {
+			epochfound = true;
+		} else if (epochfound) {
 			printf("#elif SBAT_AUTOMATIC_DATE == %d\n"
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS \"%s\"\n",
 			       revlistentry->date,
@@ -134,7 +135,7 @@ writefile()
 		revlistentry = revlistentry->next;
 	}
 
-	if (epochfound == 0 || !latest_revlistentry)
+	if (!epochfound || !latest_revlistentry)
 		return -1;
 
 	printf("#else\n"

From 02b86930cb6f9e9946bb48ba7a0c3341f37dc734 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:44:38 +0000
Subject: [PATCH 07/18] Use unsigned for "date" field

The number can't be negative, this allows sscanf to be more strict
about it.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 7fc14c021..a58405f58 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -15,7 +15,7 @@
 typedef struct sbat_revocation sbat_revocation;
 
 struct sbat_revocation {
-	int date;
+	unsigned int date;
 	char *revocations;
 	sbat_revocation *next;
 };
@@ -40,7 +40,7 @@ readfile(const char *SbatLevel_Variable)
 {
 	FILE *varfilep;
 	char line[1024];
-	int date;
+	unsigned int date;
 	int ret = -1;
 
 	unsigned int revocationsp = 0;
@@ -55,7 +55,7 @@ readfile(const char *SbatLevel_Variable)
 		return -1;
 
 	while (fgets(line, sizeof(line), varfilep) != NULL) {
-		if (sscanf(line, "sbat,1,%d\n", &date) && strlen(line) == 18) {
+		if (sscanf(line, "sbat,1,%u\n", &date) && strlen(line) == 18) {
 			revlistentry = calloc(1, sizeof(sbat_revocation));
 			if (revlistentry == NULL)
 				goto err;
@@ -102,8 +102,8 @@ static int
 writefile()
 {
 	bool epochfound = false;
-	int epochdate = 2021030218;
-	int latestdate = 0;
+	unsigned int epochdate = 2021030218;
+	unsigned int latestdate = 0;
 
 	const sbat_revocation *revlistentry;
 	const sbat_revocation *latest_revlistentry = NULL;
@@ -118,12 +118,12 @@ writefile()
 			       "#ifndef SBAT_AUTOMATIC_DATE\n"
 			       "#define SBAT_AUTOMATIC_DATE 2024040900\n"
 			       "#endif /* SBAT_AUTOMATIC_DATE */\n"
-			       "#if SBAT_AUTOMATIC_DATE == %d\n"
+			       "#if SBAT_AUTOMATIC_DATE == %u\n"
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS\n",
 			       revlistentry->date);
 			epochfound = true;
 		} else if (epochfound) {
-			printf("#elif SBAT_AUTOMATIC_DATE == %d\n"
+			printf("#elif SBAT_AUTOMATIC_DATE == %u\n"
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS \"%s\"\n",
 			       revlistentry->date,
 			       revlistentry->revocations);
@@ -146,7 +146,7 @@ writefile()
 	       "	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_AUTOMATIC_DATE \"\\n\" \\\n"
 	       "	SBAT_VAR_AUTOMATIC_REVOCATIONS\n\n");
 
-	printf("#define SBAT_VAR_LATEST_DATE \"%d\"\n"
+	printf("#define SBAT_VAR_LATEST_DATE \"%u\"\n"
 	       "#define SBAT_VAR_LATEST_REVOCATIONS \"%s\"\n",
 	       latest_revlistentry->date,
 	       latest_revlistentry->revocations);

From ceb207ce92ee557b00887e3df34ad3ece1332500 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:47:37 +0000
Subject: [PATCH 08/18] Reduce indentation

Use continue to reduce function indentation.
Just style change.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 60 ++++++++++++++++++++--------------------
 1 file changed, 30 insertions(+), 30 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index a58405f58..849802929 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -55,39 +55,39 @@ readfile(const char *SbatLevel_Variable)
 		return -1;
 
 	while (fgets(line, sizeof(line), varfilep) != NULL) {
-		if (sscanf(line, "sbat,1,%u\n", &date) && strlen(line) == 18) {
-			revlistentry = calloc(1, sizeof(sbat_revocation));
-			if (revlistentry == NULL)
+		if (!sscanf(line, "sbat,1,%u\n", &date) || strlen(line) != 18)
+			continue;
+		revlistentry = calloc(1, sizeof(sbat_revocation));
+		if (revlistentry == NULL)
+			goto err;
+		if (revlisthead == NULL)
+			revlisthead = revlistentry;
+		else
+			revlistlast->next = revlistentry;
+
+		revlistlast = revlistentry;
+
+		revlistentry->date = date;
+		while (line[0] != '\n' &&
+		       fgets(line, sizeof(line), varfilep) != NULL) {
+			char *new = NULL;
+			new = realloc(revlistentry->revocations,
+			              revocationsp + strlen(line) + 2);
+			if (new == NULL) {
+				ret = -1;
 				goto err;
-			if (revlisthead == NULL)
-				revlisthead = revlistentry;
-			else
-				revlistlast->next = revlistentry;
-
-			revlistlast = revlistentry;
-
-			revlistentry->date = date;
-			while (line[0] != '\n' &&
-			       fgets(line, sizeof(line), varfilep) != NULL) {
-				char *new = NULL;
-				new = realloc(revlistentry->revocations,
-				              revocationsp + strlen(line) + 2);
-				if (new == NULL) {
-					ret = -1;
-					goto err;
-				}
-				revlistentry->revocations = new;
-				if (strlen(line) > 1) {
-					line[strlen(line) - 1] = 0;
-					sprintf(revlistentry->revocations +
-					                revocationsp,
-					        "%s\\n", line);
-					revocationsp =
-						revocationsp + strlen(line) + 2;
-				}
 			}
-			revocationsp = 0;
+			revlistentry->revocations = new;
+			if (strlen(line) > 1) {
+				line[strlen(line) - 1] = 0;
+				sprintf(revlistentry->revocations +
+				                revocationsp,
+				        "%s\\n", line);
+				revocationsp =
+					revocationsp + strlen(line) + 2;
+			}
 		}
+		revocationsp = 0;
 	}
 
 	ret = 0;

From c373d195c1af6a3663a39077bceb087c61c7b90b Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:48:43 +0000
Subject: [PATCH 09/18] Check file read error

Although unlikely fgets can return NULL with file read errors.
Detect them.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 849802929..9b86a709d 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -90,7 +90,8 @@ readfile(const char *SbatLevel_Variable)
 		revocationsp = 0;
 	}
 
-	ret = 0;
+	if (!ferror(varfilep))
+		ret = 0;
 err:
 	if (ret < 0)
 		free_revocation_list();

From 2562c277e453e9bf0e37ed43fdb8a4cfcc8fade9 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:51:57 +0000
Subject: [PATCH 10/18] Restrict some variable scope

Just style change.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 9b86a709d..76b705349 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -40,11 +40,8 @@ readfile(const char *SbatLevel_Variable)
 {
 	FILE *varfilep;
 	char line[1024];
-	unsigned int date;
 	int ret = -1;
 
-	unsigned int revocationsp = 0;
-
 	sbat_revocation *revlistlast = NULL;
 	sbat_revocation *revlistentry = NULL;
 
@@ -55,6 +52,9 @@ readfile(const char *SbatLevel_Variable)
 		return -1;
 
 	while (fgets(line, sizeof(line), varfilep) != NULL) {
+		unsigned int date;
+		size_t revocationsp = 0;
+
 		if (!sscanf(line, "sbat,1,%u\n", &date) || strlen(line) != 18)
 			continue;
 		revlistentry = calloc(1, sizeof(sbat_revocation));
@@ -87,7 +87,6 @@ readfile(const char *SbatLevel_Variable)
 					revocationsp + strlen(line) + 2;
 			}
 		}
-		revocationsp = 0;
 	}
 
 	if (!ferror(varfilep))

From e826890bf098a2b79229edd45f41adbb864bf6c6 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:53:59 +0000
Subject: [PATCH 11/18] Make errors more verbose

Give some indication of the failures.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 76b705349..3888b2110 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -48,8 +48,10 @@ readfile(const char *SbatLevel_Variable)
 	free_revocation_list();
 
 	varfilep = fopen(SbatLevel_Variable, "r");
-	if (varfilep == NULL)
+	if (varfilep == NULL) {
+		fprintf(stderr, "Error opening file %s\n", SbatLevel_Variable);
 		return -1;
+	}
 
 	while (fgets(line, sizeof(line), varfilep) != NULL) {
 		unsigned int date;
@@ -58,8 +60,10 @@ readfile(const char *SbatLevel_Variable)
 		if (!sscanf(line, "sbat,1,%u\n", &date) || strlen(line) != 18)
 			continue;
 		revlistentry = calloc(1, sizeof(sbat_revocation));
-		if (revlistentry == NULL)
+		if (revlistentry == NULL) {
+			fprintf(stderr, "Out of memory\n");
 			goto err;
+		}
 		if (revlisthead == NULL)
 			revlisthead = revlistentry;
 		else
@@ -74,7 +78,7 @@ readfile(const char *SbatLevel_Variable)
 			new = realloc(revlistentry->revocations,
 			              revocationsp + strlen(line) + 2);
 			if (new == NULL) {
-				ret = -1;
+				fprintf(stderr, "Out of memory\n");
 				goto err;
 			}
 			revlistentry->revocations = new;
@@ -135,8 +139,10 @@ writefile()
 		revlistentry = revlistentry->next;
 	}
 
-	if (!epochfound || !latest_revlistentry)
+	if (!epochfound || !latest_revlistentry) {
+		fprintf(stderr, "Epoch not found\n");
 		return -1;
+	}
 
 	printf("#else\n"
 	       "#error \"Unknown SBAT_AUTOMATIC_DATE\"\n"

From 51e250e808f9fe071b798be52538bfe0807d2af5 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:56:49 +0000
Subject: [PATCH 12/18] Add more explicit check on revocation list format

The epoch line should be the first revocation list.
There should be no 2 epoch revocations.
Other revocations should be after the epoch.
These should be detected probably by compiling the resulting
code but better to be explicit.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 3888b2110..f5613f8a9 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -116,6 +116,10 @@ writefile()
 
 	while (revlistentry != NULL) {
 		if (revlistentry->date == epochdate) {
+			if (epochfound) {
+				fprintf(stderr, "Only one epoch expected\n");
+				return -1;
+			}
 			printf("#ifndef GEN_SBAT_VAR_DEFS_H_\n"
 			       "#define GEN_SBAT_VAR_DEFS_H_\n"
 			       "#ifndef ENABLE_SHIM_DEVEL\n\n"
@@ -131,6 +135,9 @@ writefile()
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS \"%s\"\n",
 			       revlistentry->date,
 			       revlistentry->revocations);
+		} else {
+			fprintf(stderr, "Revocation not expected before epoch\n");
+			return -1;
 		}
 		if (revlistentry->date > latestdate) {
 			latest_revlistentry = revlistentry;

From bf7f03129d8f992fc86fd4330f182fc5cdc50c3b Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 11:58:52 +0000
Subject: [PATCH 13/18] Make sure revocation string is always terminated

In case the revocation string is the epoch revocation the
string was not terminated.
Currently the string is not used but better to be safer.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index f5613f8a9..5eb00a1df 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -81,6 +81,7 @@ readfile(const char *SbatLevel_Variable)
 				fprintf(stderr, "Out of memory\n");
 				goto err;
 			}
+			new[revocationsp] = '\0';
 			revlistentry->revocations = new;
 			if (strlen(line) > 1) {
 				line[strlen(line) - 1] = 0;

From 5e7b17dfa62e238a0eb954f1cc26ba2ec1a6d69d Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 12:04:53 +0000
Subject: [PATCH 14/18] Handle not newline terminated last line correctly

The code was potentially stripping last not-newline character from
last line.
Although most editors finish text files with a new line this is not
always true and could lead to security issues (think about a
"component,12" revocation parsed as a "component,1" revocation).
Normalize the string line stripping only the newline terminator.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 5eb00a1df..fa826e8b2 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -35,6 +35,14 @@ free_revocation_list(void)
 	revlisthead = NULL;
 }
 
+static void
+chomp(char *str)
+{
+	size_t len = strlen(str);
+	if (len > 0 && str[--len] == '\n')
+		str[len] = '\0';
+}
+
 static int
 readfile(const char *SbatLevel_Variable)
 {
@@ -72,25 +80,24 @@ readfile(const char *SbatLevel_Variable)
 		revlistlast = revlistentry;
 
 		revlistentry->date = date;
-		while (line[0] != '\n' &&
-		       fgets(line, sizeof(line), varfilep) != NULL) {
+		while (fgets(line, sizeof(line), varfilep) != NULL) {
+			chomp(line);
+
 			char *new = NULL;
 			new = realloc(revlistentry->revocations,
-			              revocationsp + strlen(line) + 2);
+			              revocationsp + strlen(line) + 3);
 			if (new == NULL) {
 				fprintf(stderr, "Out of memory\n");
 				goto err;
 			}
 			new[revocationsp] = '\0';
 			revlistentry->revocations = new;
-			if (strlen(line) > 1) {
-				line[strlen(line) - 1] = 0;
-				sprintf(revlistentry->revocations +
-				                revocationsp,
-				        "%s\\n", line);
-				revocationsp =
-					revocationsp + strlen(line) + 2;
-			}
+			if (strlen(line) == 0)
+				break;
+
+			sprintf(revlistentry->revocations + revocationsp,
+			        "%s\\n", line);
+			revocationsp = strlen(revlistentry->revocations);
 		}
 	}
 

From ffbb72208be86dd6550ddbeb2546befaea383a8c Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 12:06:29 +0000
Subject: [PATCH 15/18] Better checks for revocation lines

Make sure they are in the format XXXX,nn where X are not commas or
spaces and n are just digits.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index fa826e8b2..053e74a61 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -35,6 +35,18 @@ free_revocation_list(void)
 	revlisthead = NULL;
 }
 
+static int
+check_revocation_line(const char *line)
+{
+	int num = -1;
+	if (sscanf(line, "%*[^, \t],%*[0-9]%n", &num) < 0 ||
+	    num < 0 || line[num] != '\0') {
+		fprintf(stderr, "Invalid revocation line: %s\n", line);
+		return -1;
+	}
+	return 0;
+}
+
 static void
 chomp(char *str)
 {
@@ -95,6 +107,8 @@ readfile(const char *SbatLevel_Variable)
 			if (strlen(line) == 0)
 				break;
 
+			if (check_revocation_line(line))
+				goto err;
 			sprintf(revlistentry->revocations + revocationsp,
 			        "%s\\n", line);
 			revocationsp = strlen(revlistentry->revocations);

From 2420546c6a5063bbf17c3c7bd5c50cc4d5291954 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 12:08:11 +0000
Subject: [PATCH 16/18] Minor output format style changes

Add an "autogenerated" comment.
Separate default GEN_SBAT_VAR_DEFS_H_ definition with an extra
empty line.
No functional changes.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 053e74a61..089054754 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -142,12 +142,13 @@ writefile()
 				fprintf(stderr, "Only one epoch expected\n");
 				return -1;
 			}
-			printf("#ifndef GEN_SBAT_VAR_DEFS_H_\n"
+			printf("// Autogenerated by generate_sbat_var_defs\n\n"
+			       "#ifndef GEN_SBAT_VAR_DEFS_H_\n"
 			       "#define GEN_SBAT_VAR_DEFS_H_\n"
 			       "#ifndef ENABLE_SHIM_DEVEL\n\n"
 			       "#ifndef SBAT_AUTOMATIC_DATE\n"
 			       "#define SBAT_AUTOMATIC_DATE 2024040900\n"
-			       "#endif /* SBAT_AUTOMATIC_DATE */\n"
+			       "#endif /* SBAT_AUTOMATIC_DATE */\n\n"
 			       "#if SBAT_AUTOMATIC_DATE == %u\n"
 			       "#define SBAT_VAR_AUTOMATIC_REVOCATIONS\n",
 			       revlistentry->date);

From e962961179d5aa52c44d86caaf605d1ab740860f Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 12:09:56 +0000
Subject: [PATCH 17/18] Don't ignore first program argument

If you had more than 1 argument the first was ignored treating
as no arguments were given.
Instead ignore remaining argument.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 089054754..57bba86a6 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -202,7 +202,7 @@ main(int argc, char *argv[])
 {
 	char SbatLevel_Variable[2048];
 
-	if (argc == 2)
+	if (argc >= 2)
 		snprintf(SbatLevel_Variable, 2048, "%s/SbatLevel_Variable.txt", argv[1]);
 	else
 		snprintf(SbatLevel_Variable, 2048, "SbatLevel_Variable.txt");

From d89dff1681d3fadb9870d28ae8f7eb168ca6c22e Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <frediano.ziglio@citrix.com>
Date: Fri, 13 Mar 2026 12:11:23 +0000
Subject: [PATCH 18/18] Declare parameters for "writefile" function

No parameters declaration is more K&R or C++ style.
Some recent compilers complain about it.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
---
 generate_sbat_var_defs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/generate_sbat_var_defs.c b/generate_sbat_var_defs.c
index 57bba86a6..df642ac40 100644
--- a/generate_sbat_var_defs.c
+++ b/generate_sbat_var_defs.c
@@ -125,7 +125,7 @@ readfile(const char *SbatLevel_Variable)
 }
 
 static int
-writefile()
+writefile(void)
 {
 	bool epochfound = false;
 	unsigned int epochdate = 2021030218;