ntfs-3g: fix CVE-2017-0358
This commit is contained in:
parent
7d8689de6d
commit
fdf20b1fdd
2 changed files with 37 additions and 1 deletions
36
srcpkgs/ntfs-3g/patches/CVE-2017-0358.patch
Normal file
36
srcpkgs/ntfs-3g/patches/CVE-2017-0358.patch
Normal file
|
@ -0,0 +1,36 @@
|
|||
--- src/lowntfs-3g.c.ref 2016-12-31 08:56:59.011749600 +0100
|
||||
+++ src/lowntfs-3g.c 2017-01-05 14:41:52.041473700 +0100
|
||||
@@ -3827,13 +3827,14 @@
|
||||
struct stat st;
|
||||
pid_t pid;
|
||||
const char *cmd = "/sbin/modprobe";
|
||||
+ char *env = (char*)NULL;
|
||||
struct timespec req = { 0, 100000000 }; /* 100 msec */
|
||||
fuse_fstype fstype;
|
||||
|
||||
if (!stat(cmd, &st) && !geteuid()) {
|
||||
pid = fork();
|
||||
if (!pid) {
|
||||
- execl(cmd, cmd, "fuse", NULL);
|
||||
+ execle(cmd, cmd, "fuse", NULL, &env);
|
||||
_exit(1);
|
||||
} else if (pid != -1)
|
||||
waitpid(pid, NULL, 0);
|
||||
--- src/ntfs-3g.c.ref 2016-12-31 08:56:59.022518700 +0100
|
||||
+++ src/ntfs-3g.c 2017-01-05 15:45:45.912499400 +0100
|
||||
@@ -3612,13 +3612,14 @@
|
||||
struct stat st;
|
||||
pid_t pid;
|
||||
const char *cmd = "/sbin/modprobe";
|
||||
+ char *env = (char*)NULL;
|
||||
struct timespec req = { 0, 100000000 }; /* 100 msec */
|
||||
fuse_fstype fstype;
|
||||
|
||||
if (!stat(cmd, &st) && !geteuid()) {
|
||||
pid = fork();
|
||||
if (!pid) {
|
||||
- execl(cmd, cmd, "fuse", NULL);
|
||||
+ execle(cmd, cmd, "fuse", NULL, &env);
|
||||
_exit(1);
|
||||
} else if (pid != -1)
|
||||
waitpid(pid, NULL, 0);
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'ntfs-3g'
|
||||
pkgname=ntfs-3g
|
||||
version=2016.2.22
|
||||
revision=1
|
||||
revision=2
|
||||
wrksrc="${pkgname}_ntfsprogs-${version}"
|
||||
build_style=gnu-configure
|
||||
configure_args="--exec-prefix=/usr --disable-static --with-fuse=external
|
||||
|
|
Loading…
Reference in a new issue