diff mbox series

[meta-filesystems,dunfell,2/8] ntfs-3g-ntfsprogs: Fix CVE-2021-46790

Message ID 20220701082102.17835-3-ranjitsinh.rathod@kpit.com
State Changes Requested
Headers show
Series Multiple CVE Fixes | expand

Commit Message

Ranjitsinh Rathod July 1, 2022, 8:20 a.m. UTC 
From: Omkar Patil <omkar.patil@kpit.com>

CVE: CVE-2021-46790

Signed-off-by: Omkar Patil <omkar.patil@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
---
 .../ntfs-3g-ntfsprogs/CVE-2021-46790.patch    | 31 +++++++++++++++++++
 .../ntfs-3g-ntfsprogs_2021.8.22.bb            |  4 ++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch

--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.
diff mbox series

Patch

diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch
new file mode 100644
index 000000000..e0bb1b77f
--- /dev/null
+++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch
@@ -0,0 +1,31 @@ 
+From 96412e28e5c7ac2d15f1cff8c825330bbb60976e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Tue, 10 May 2022 10:30:24 +0200
+Subject: [PATCH] Fixed possible out-of-buffer condition in ntfsck
+
+A bad usa_count could lead to an out-of-buffer condition. Just avoid
+the issue and report the error, still not fix it.
+
+CVE: CVE-2021-46790
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <Omkar.Patil@kpit.com>
+
+---
+ ntfsprogs/ntfsck.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/ntfsprogs/ntfsck.c b/ntfsprogs/ntfsck.c
+index d49f3f96..8c126411 100644
+--- a/ntfsprogs/ntfsck.c
++++ b/ntfsprogs/ntfsck.c
+@@ -616,7 +616,8 @@ static BOOL check_file_record(u8 *buffer, u16 buflen)
+
+       // Remove update seq & check it.
+       usa = *(u16*)(buffer+usa_ofs); // The value that should be at the end of every sector.
+-      assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length");
++      if (assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length"))
++              return (1);
+       for (i=1;i<usa_count;i++) {
+               u16 *fixup = (u16*)(buffer+NTFS_BLOCK_SIZE*i-2); // the value at the end of the sector.
+               u16 saved_val = *(u16*)(buffer+usa_ofs+2*i); // the actual data value that was saved in the us array.
diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
index 19b2d6ca2..ca8af163e 100644
--- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
+++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
@@ -8,7 +8,9 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \

 SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
            file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \
-"
+           file://CVE-2021-46790.patch \
+          "
+
 S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"
 SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae"
 SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb"