fuse-overlayfs: Fix buffer overflow bug on workdir path

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
author: Andrei Gherzan <andrei.gherzan@huawei.com> 2022-07-11 20:53:05 +0200
committer: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-07-15 17:11:58 -0400
commit: 81d62914ce2ec9ea6096ee097b6e48d332672b3c (patch)
tree: 9c47697d4ff958a49eea4b77ba37d5e14faae2a7
parent: cf8a763b28e0608b475643781c5ae51a5186b543 (diff)
download: meta-virtualization-81d62914ce2ec9ea6096ee097b6e48d332672b3c.tar.gz
2 files changed, 36 insertions, 1 deletions
diff --git a/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch b/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch
new file mode 100644
index 00000000..129423d4
--- /dev/null
+++ b/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch
@@ -0,0 +1,32 @@
+From 7e5992d6121aed0cfcbfaf70472f28d87cff1426 Mon Sep 17 00:00:00 2001
+From: Andrei Gherzan <andrei.gherzan@huawei.com>
+Date: Mon, 11 Jul 2022 20:36:06 +0200
+Subject: [PATCH] Fix buffer overflow on workdir path
+We make sure that the path used for workdir is reallocated before
+appending. This was initially included in upstream as part of
+https://github.com/containers/fuse-overlayfs/commit/d5b725b6f18a437db66bfc1456d04c3bf658f66a.
+Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
+Upstream-Status: Backport
+---
+ main.c | 3 +++
+ 1 file changed, 3 insertions(+)
+diff --git a/main.c b/main.c
+index e5bdda1..118a6cb 100644
+--- a/main.c
+++ b/main.c
+@@ -5039,6 +5039,9 @@ main (int argc, char *argv[])
+       if (path == NULL)
+         goto err_out1;
+       mkdir (path, 0700);
+      path = realloc(path, strlen(path)+strlen("/work")+1);
+      if (!path)
+        error (EXIT_FAILURE, errno, "allocating workdir path");
+       strcat (path, "/work");
+       mkdir (path, 0700);
+       free (lo.workdir);
+-- 
+2.25.1
diff --git a/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb b/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb
index a02c1e60..4f793bd9 100644
--- a/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb
+++ b/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb
@@ -6,7 +6,10 @@ LICENSE = "GPL-3.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 SRCREV = "098d9ad79fdbb8538adde08628408aa32a8b4b17"
-SRC_URI = "git://github.com/containers/fuse-overlayfs.git;nobranch=1;protocol=https"
+SRC_URI = " \
+        git://github.com/containers/fuse-overlayfs.git;nobranch=1;protocol=https \
+        file://0001-Fix-buffer-overflow-on-workdir-path.patch \
+"
 DEPENDS = "fuse3"
author	Andrei Gherzan <andrei.gherzan@huawei.com>	2022-07-11 20:53:05 +0200
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2022-07-15 17:11:58 -0400
commit	81d62914ce2ec9ea6096ee097b6e48d332672b3c (patch)
tree	9c47697d4ff958a49eea4b77ba37d5e14faae2a7
parent	cf8a763b28e0608b475643781c5ae51a5186b543 (diff)
download	meta-virtualization-81d62914ce2ec9ea6096ee097b6e48d332672b3c.tar.gz

diff --git a/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch b/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch new file mode 100644 index 00000000..129423d4 --- /dev/null +++ b/recipes-extended/fuse-overlayfs/fuse-overlayfs/0001-Fix-buffer-overflow-on-workdir-path.patch
@@ -0,0 +1,32 @@
		1	From 7e5992d6121aed0cfcbfaf70472f28d87cff1426 Mon Sep 17 00:00:00 2001
		2	From: Andrei Gherzan <andrei.gherzan@huawei.com>
		3	Date: Mon, 11 Jul 2022 20:36:06 +0200
		4	Subject: [PATCH] Fix buffer overflow on workdir path
		5
		6	We make sure that the path used for workdir is reallocated before
		7	appending. This was initially included in upstream as part of
		8	https://github.com/containers/fuse-overlayfs/commit/d5b725b6f18a437db66bfc1456d04c3bf658f66a.
		9
		10	Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
		11	Upstream-Status: Backport
		12	---
		13	main.c \| 3 +++
		14	1 file changed, 3 insertions(+)
		15
		16	diff --git a/main.c b/main.c
		17	index e5bdda1..118a6cb 100644
		18	--- a/main.c
		19	+++ b/main.c
		20	@@ -5039,6 +5039,9 @@ main (int argc, char *argv[])
		21	if (path == NULL)
		22	goto err_out1;
		23	mkdir (path, 0700);
		24	+ path = realloc(path, strlen(path)+strlen("/work")+1);
		25	+ if (!path)
		26	+ error (EXIT_FAILURE, errno, "allocating workdir path");
		27	strcat (path, "/work");
		28	mkdir (path, 0700);
		29	free (lo.workdir);
		30	--
		31	2.25.1
		32


diff --git a/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb b/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb index a02c1e60..4f793bd9 100644 --- a/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb +++ b/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb
@@ -6,7 +6,10 @@ LICENSE = "GPL-3.0-or-later"
6	LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"	6	LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
7		7
8	SRCREV = "098d9ad79fdbb8538adde08628408aa32a8b4b17"	8	SRCREV = "098d9ad79fdbb8538adde08628408aa32a8b4b17"
9	SRC_URI = "git://github.com/containers/fuse-overlayfs.git;nobranch=1;protocol=https"	9	SRC_URI = " \
		10	git://github.com/containers/fuse-overlayfs.git;nobranch=1;protocol=https \
		11	file://0001-Fix-buffer-overflow-on-workdir-path.patch \
		12	"
10		13
11	DEPENDS = "fuse3"	14	DEPENDS = "fuse3"
12		15