fwupd can assert on xb_lzma_decompressor_convert on invalid firmware files

[ Impact ]

fwupd can crash on invalid metadata files

[ Test case ]

  - Download the corrupted test metadata from this bug:
    wget https://bugs.launchpad.net/ubuntu/+source/libxmlb/+bug/2051141/+attachment/5741971/+files/fwupd-corrupted-metadata.tar.xz \
      -O /tmp/fwupd-corrupted-metadata.tar.xz

  - Replace your repo metadata
    sudo tar xvf /tmp/fwupd-corrupted-metadata.tar.xz -C /var/lib

  - Start fwupd daemon
    sudo /usr/libexec/fwupd/fwupd --verbose

  - The daemon should not crash once libxmlb is updated

[ Regression Potential ]

  - Updates may be not available in fwupdmgr

---

After downloading firmware database files fwupd could crash because of this:

Starting program: /usr/libexec/fwupd/fwupd --verbose
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
15:47:33.085 FuDebug verbose to info (on console 1)
15:47:33.086 FuEngine starting fwupd 1.9.9…
[New Thread 0x7ffff33ff640 (LWP 159733)]
15:47:33.096 FuRemoteList loading remote from /etc/fwupd/remotes.d/dell-esrt.conf
15:47:33.096 FuRemoteList loading remote from /etc/fwupd/remotes.d/fwupd.conf
15:47:33.096 FuRemoteList loading remote from /etc/fwupd/remotes.d/lvfs-testing.conf
15:47:33.097 FuRemoteList loading remote from /etc/fwupd/remotes.d/lvfs.conf
15:47:33.097 FuRemoteList loading remote from /etc/fwupd/remotes.d/vendor-directory.conf
15:47:33.097 FuRemoteList loading remote from /etc/fwupd/remotes.d/vendor.conf
15:47:33.097 FuRemoteList enabled remotes: dell-esrt[1000], fwupd[1000], vendor-directory[1000], lvfs[0]
15:47:33.097 FuEngine client certificate now exists: nothing to do
15:47:33.142 FuQuirks loading quirks from /usr/share/fwupd/quirks.d
15:47:33.142 FuQuirks loading quirks from /var/lib/fwupd/quirks.d
15:47:33.143 FuContext SMBIOS Manufacturer=LENOVO
15:47:33.143 FuContext SMBIOS EnclosureKind=a
15:47:33.143 FuContext SMBIOS Family=ThinkPad P14s Gen 4
15:47:33.143 FuContext SMBIOS ProductName=
15:47:33.143 FuContext SMBIOS ProductSku=LENOVO_MT_21K5_BU_Think_FM_ThinkPad P14s Gen 4
15:47:33.143 FuContext SMBIOS BiosVendor=LENOVO
15:47:33.143 FuContext SMBIOS BiosVersion=R2FET36W (1.16 )
15:47:33.143 FuContext SMBIOS BiosMajorRelease=01
15:47:33.143 FuContext SMBIOS BiosMinorRelease=10
15:47:33.143 FuContext SMBIOS FirmwareMajorRelease=01
15:47:33.143 FuContext SMBIOS FirmwareMinorRelease=0e
15:47:33.143 FuContext SMBIOS BaseboardManufacturer=LENOVO
15:47:33.143 FuContext SMBIOS BaseboardProduct=21K5CTO1WW
15:47:33.143 FuContext failed to load fdt: cannot find /sys/firmware/fdt or override /var/lib/fwupd/system.dtb
15:47:33.146 FuContext added udev subsystem watch of firmware-attributes
15:47:33.218 FuBiosSettings loaded 91 BIOS settings
15:47:33.218 FuBiosSettings Disabling changing SecureBoot since Allow3rdPartyUEFICA is Disable
15:47:33.218 FuEngine loading metadata for remote 'vendor-directory'
15:47:33.218 FuEngine ignoring: /usr/share/fwupd/remotes.d/vendor/firmware/README.md
15:47:33.218 FuEngine ignoring: Errore nell'aprire la directory «/var/lib/fwupd/local.d»: File o directory non esistente
15:47:33.218 FuEngine ignoring: Errore nell'aprire la directory «/usr/share/fwupd/local.d»: File o directory non esistente
**
ERROR:../src/xb-lzma-decompressor.c:130:xb_lzma_decompressor_convert: code should not be reached
Bail out! ERROR:../src/xb-lzma-decompressor.c:130:xb_lzma_decompressor_convert: code should not be reached

Thread 1 "fwupd" received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=140737313229568) at ./nptl/pthread_kill.c:44
44 ./nptl/pthread_kill.c: File o directory non esistente.
(gdb) bt
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737313229568) at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=140737313229568) at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=140737313229568, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3 0x00007ffff7442476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4 0x00007ffff74287f3 in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007ffff7743b57 in g_assertion_message
    (domain=<optimized out>, file=<optimized out>, line=<optimized out>, func=0x7ffff7eb4990 "xb_lzma_decompressor_convert", message=<optimized out>) at ../../../glib/gtestutils.c:3253
#6 0x00007ffff779d70f in g_assertion_message_expr
    (domain=0x0, file=0x7ffff7eb412e "../src/xb-lzma-decompressor.c", line=130, func=0x7ffff7eb4990 "xb_lzma_decompressor_convert", expr=<optimized out>) at ../../../glib/gtestutils.c:3279
#7 0x00007ffff7e9d548 in () at /lib/x86_64-linux-gnu/libxmlb.so.2
#8 0x00007ffff78aeec5 in read_internal
    (stream=<optimized out>, buffer=<optimized out>, count=<optimized out>, blocking=1, cancellable=0x0, error=0x7fffffffdeb8) at ../../../gio/gconverterinputstream.c:492
#9 0x00007ffff78dd1f7 in g_input_stream_read
    (stream=0x5555555b6960, buffer=0x555555675ed0, count=32768, cancellable=0x0, error=0x7fffffffdeb8)
    at ../../../gio/ginputstream.c:198
#10 0x00007ffff7ea324c in xb_builder_compile () at /lib/x86_64-linux-gnu/libxmlb.so.2
#11 0x00007ffff7ea4175 in xb_builder_ensure () at /lib/x86_64-linux-gnu/libxmlb.so.2
#12 0x00007ffff7c8a249 in fu_engine_load_metadata_store
    (self=self@entry=0x5555555b2000, flags=flags@entry=78, error=error@entry=0x7fffffffe248)
    at ../src/fu-engine.c:4623
#13 0x00007ffff7c916e3 in fu_engine_load
    (self=<optimized out>, flags=flags@entry=78, progress=<optimized out>, error=error@entry=0x7fffffffe248)
    at ../src/fu-engine.c:8757
#14 0x0000555555561c92 in fu_daemon_setup
    (self=self@entry=0x5555555aa010, socket_address=socket_address@entry=0x0, error=error@entry=0x7fffffffe248)
    at ../src/fu-daemon.c:2306
#15 0x000055555555c078 in main (argc=<optimized out>, argv=<optimized out>) at ../src/fu-main.c:174
(gdb)

--

This has been fixed upstream via https://github.com/hughsie/libxmlb/pull/133 so it would be a nice backport for 22.04, since it may prevent system updates.