From: Omkar Patil <[email protected]>

CVE: CVE-2022-30783

Signed-off-by: Omkar Patil <[email protected]>
Signed-off-by: Ranjitsinh Rathod <[email protected]>
---
 .../ntfs-3g-ntfsprogs/CVE-2022-30783.patch    | 75 +++++++++++++++++++
 .../ntfs-3g-ntfsprogs_2021.8.22.bb            |  1 +
 2 files changed, 76 insertions(+)
 create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch

diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch
new file mode 100644
index 000000000..41f26503e
--- /dev/null
+++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch
@@ -0,0 +1,75 @@
+From 7f81935f32e58e8fec22bc46683b1b067469405f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <[email protected]>
+Date: Tue, 10 May 2022 10:44:34 +0200
+Subject: [PATCH] Returned an error code when the --help or --version options
+ are used
+
+Accepting --help or --version options may leave the ntfs-3g process in an
+unclean state, so reject them while processing options. Also reject
+them in libfuse-lite.
+
+CVE: CVE-2022-30783
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <[email protected]>
+
+---
+ libfuse-lite/mount.c | 3 +--
+ src/ntfs-3g_common.c | 6 ++++++
+ src/ntfs-3g_common.h | 2 ++
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/libfuse-lite/mount.c b/libfuse-lite/mount.c
+index 64adee7d..6ae29d8c 100644
+--- a/libfuse-lite/mount.c
++++ b/libfuse-lite/mount.c
+@@ -670,11 +670,10 @@ int fuse_kern_mount(const char *mountpoint, struct fuse_args *args)
+         fprintf(stderr, "fuse: 'allow_other' and 'allow_root' options are mutually exclusive\n");
+         goto out;
+     }
+-    res = 0;
++    res = -1;
+     if (mo.ishelp)
+         goto out;
+
+-    res = -1;
+     if (get_mnt_flag_opts(&mnt_opts, mo.flags) == -1)
+         goto out;
+ #ifndef __SOLARIS__
+diff --git a/src/ntfs-3g_common.c b/src/ntfs-3g_common.c
+index 7e3e93d2..29021dfc 100644
+--- a/src/ntfs-3g_common.c
++++ b/src/ntfs-3g_common.c
+@@ -128,6 +128,10 @@ const struct DEFOPTION optionlist[] = {
+       { "efs_raw", OPT_EFS_RAW, FLGOPT_BOGUS },
+       { "posix_nlink", OPT_POSIX_NLINK, FLGOPT_BOGUS },
+       { "special_files", OPT_SPECIAL_FILES, FLGOPT_STRING },
++      { "--help", OPT_HELP, FLGOPT_BOGUS },
++      { "-h", OPT_HELP, FLGOPT_BOGUS },
++      { "--version", OPT_VERSION, FLGOPT_BOGUS },
++      { "-V", OPT_VERSION, FLGOPT_BOGUS },
+       { (const char*)NULL, 0, 0 } /* end marker */
+ } ;
+
+@@ -521,6 +525,8 @@ char *parse_mount_options(ntfs_fuse_context_t *ctx,
+                        * mounted or not.
+                        *      (falling through to default)
+                        */
++                      case OPT_HELP : /* Could lead to unclean condition */
++                      case OPT_VERSION : /* Could lead to unclean condition */
+                       default :
+                               ntfs_log_error("'%s' is an unsupported option.\n",
+                                       poptl->name);
+diff --git a/src/ntfs-3g_common.h b/src/ntfs-3g_common.h
+index 4ed256a3..8ead5107 100644
+--- a/src/ntfs-3g_common.h
++++ b/src/ntfs-3g_common.h
+@@ -94,6 +94,8 @@ enum {
+       OPT_EFS_RAW,
+       OPT_POSIX_NLINK,
+       OPT_SPECIAL_FILES,
++      OPT_HELP,
++      OPT_VERSION,
+ } ;
+
+                       /* Option flags */
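Review bot: In the libfuse-lite/mount.c hunk of the added patch, `res = -1;` now sits ahead of the `mo.ishelp` check with no comment saying why the help path has to fail, so a later tidy-up could put `res = 0` back without anyone noticing it undoes the CVE-2022-30783 fix. I would add a line above the assignment such as `/* --help is not a mount: never return 0 here (CVE-2022-30783) */`; presumably the caller uses the return value as a descriptor, but fuse_kern_mount starts and ends outside the hunk, so that needs confirming against the full function. The help path also leaves through `out` silently now, whereas the parse_mount_options hunk logs `'%s' is an unsupported option.` for the same options, so it is worth checking that no route reaches `mo.ishelp` without a message. On provenance, `Upstream-Status: Backport` cites a distro tarball over plain http, while the commit id 7f81935f32e58e8fec22bc46683b1b067469405f in the patch's own `From` line is the more durable reference to record.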
diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
index ca8af163e..ccd18f86c 100644
--- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
+++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \
 SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
            file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \
            file://CVE-2021-46790.patch \
+           file://CVE-2022-30783.patch \
           "

 S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"
--
2.17.1
