Accepting request 1179761 from home:mgorse:branches:filesystems

- Add ntfs3g-unistr-use-after-free.patch: fix a use after free in
  ntfs_uppercase_mbs (boo#1226007).
- No longer call autoconf; likely not needed anymore.

OBS-URL: https://build.opensuse.org/request/show/1179761
OBS-URL: https://build.opensuse.org/package/show/filesystems/ntfs-3g_ntfsprogs?expand=0&rev=50
Dirk Mueller 2024-06-11 17:35:23 +00:00 committed by Git OBS Bridge
parent f5b6656570
commit 2e45867bd7
3 changed files with 49 additions and 6 deletions


@ -1,3 +1,10 @@
-------------------------------------------------------------------
Mon Jun 10 17:13:06 UTC 2024 - Michael Gorse <mgorse@suse.com>
- Add ntfs3g-unistr-use-after-free.patch: fix a use after free in
ntfs_uppercase_mbs (boo#1226007).
- No longer call autoconf; likely not needed anymore.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Dec 27 13:13:17 UTC 2022 - Ludwig Nussel <lnussel@suse.com> Tue Dec 27 13:13:17 UTC 2022 - Ludwig Nussel <lnussel@suse.com>
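Review bot: the new entry's second bullet gives "likely not needed anymore" as the reason for dropping the autoconf call, which records a guess rather than something that was checked, and the entry does not mention the other packaging changes in this request: the switch from %setup -q to %autosetup -p1 and the removal of BuildRequires: autoconf. Suggest listing those changes and replacing "likely" with what was actually verified.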


@ -1,7 +1,7 @@
# #
# spec file for package ntfs-3g_ntfsprogs # spec file for package ntfs-3g_ntfsprogs
# #
# Copyright (c) 2022 SUSE LLC # Copyright (c) 2024 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -30,7 +30,8 @@ License: GPL-2.0-or-later
Group: System/Filesystems Group: System/Filesystems
URL: https://github.com/tuxera/ntfs-3g/ URL: https://github.com/tuxera/ntfs-3g/
Source: https://tuxera.com/opensource/%{name}-%{version}.tgz Source: https://tuxera.com/opensource/%{name}-%{version}.tgz
BuildRequires: autoconf # PATCH-FIX-UPSTREAM ntfs3g-unistr-use-after-free.patch boo#1226007 mgorse@suse.com -- fix use after free in ntfs_uppercase_mbs.
Patch0: ntfs3g-unistr-use-after-free.patch
BuildRequires: gnutls-devel BuildRequires: gnutls-devel
BuildRequires: hwinfo-devel BuildRequires: hwinfo-devel
BuildRequires: libgcrypt-devel BuildRequires: libgcrypt-devel
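Review bot: the PATCH-FIX-UPSTREAM comment above Patch0 names the bug (boo#1226007) but not where the fix lives upstream. The patch header carries upstream commit 75dcdc2cf37478fad6c0e3427403d198b554951d and https://github.com/tuxera/ntfs-3g/issues/84; citing one of them in this comment would let a later maintainer tell from the spec alone when a version bump makes the patch droppable.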
@ -51,7 +52,7 @@ Provides: ntfsprogs-fuse = 1.13.1
Obsoletes: ntfsprogs-fuse < 1.13.1 Obsoletes: ntfsprogs-fuse < 1.13.1
%if 0%{?suse_version} %if 0%{?suse_version}
Requires(post): update-alternatives Requires(post): update-alternatives
Requires(postun):update-alternatives Requires(postun): update-alternatives
Supplements: filesystem(ntfs-3g) Supplements: filesystem(ntfs-3g)
%endif %endif
@ -108,9 +109,7 @@ In particular ntfsck is just a place holder. Distributions are expected not to
They have been orphaned for ten years and are unlikely to be upgraded (except ntfsfallocate, if there is some demand). They have been orphaned for ten years and are unlikely to be upgraded (except ntfsfallocate, if there is some demand).
%prep %prep
%setup -q %autosetup -p1
# Rebuild configure to pick up the updated AC_HEADER_MAJOR
autoconf
%build %build
# #
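Review bot: removing the autoconf call in %prep drops the step that the deleted comment says was there to pick up the updated AC_HEADER_MAJOR, and the only justification given is the changelog's "likely not needed anymore". Before this is accepted, confirm that the configure script shipped in the source tarball already produces a correct build without regeneration, and state that in the changes entry. Also note that %autosetup -p1 applies every PatchN automatically at strip level 1, so any patch added later must be generated relative to the top of the source tree or it will fail to apply.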


@ -0,0 +1,37 @@
From 75dcdc2cf37478fad6c0e3427403d198b554951d Mon Sep 17 00:00:00 2001
From: Erik Larsson <erik@tuxera.com>
Date: Tue, 13 Jun 2023 17:47:15 +0300
Subject: [PATCH] unistr.c: Fix use-after-free in 'ntfs_uppercase_mbs'.
If 'utf8_to_unicode' throws an error due to an invalid UTF-8 sequence,
then 'n' will be less than 0 and the loop will terminate without storing
anything in '*t'. After the loop the uppercase string's allocation is
freed, however after it is freed it is unconditionally accessed through
'*t', which points into the freed allocation, for the purpose of NULL-
terminating the string. This leads to a use-after-free.
Fixed by only NULL-terminating the string when no error has been thrown.
Thanks for Jeffrey Bencteux for reporting this issue:
https://github.com/tuxera/ntfs-3g/issues/84
---
libntfs-3g/unistr.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libntfs-3g/unistr.c b/libntfs-3g/unistr.c
index 5854b3b7..db8ddf42 100644
--- a/libntfs-3g/unistr.c
+++ b/libntfs-3g/unistr.c
@@ -1189,8 +1189,9 @@ char *ntfs_uppercase_mbs(const char *low,
free(upp);
upp = (char*)NULL;
errno = EILSEQ;
+ } else {
+ *t = 0;
}
- *t = 0;
}
return (upp);
}
--
2.45.0
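Review bot: the fix to the error branch of ntfs_uppercase_mbs ships without a regression test; the diffstat shows libntfs-3g/unistr.c as the only file changed. A test that passes a string containing an invalid UTF-8 sequence and checks for a NULL return with errno set to EILSEQ, run under a memory-error detector such as AddressSanitizer, would catch a reintroduction of the write after free(upp). After the free, t still points into the released allocation and is safe only because "*t = 0;" now sits in the else branch, so a one-line comment at "} else {" saying that t is dangling on the error path would protect the fix from later refactoring. Minor wording point in the commit message: "NULL-terminating" means NUL-terminating, since the code stores a zero byte, not a null pointer.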