Attachment 149967 Details for Bug 232031 – Patch for solve security weakness

[patch] Patch for solve security weakness

ntfs-3g-sec.patch (text/plain), 1.16 KB, created by Jochen Schmitt on 2007-03-13 18:29:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jochen Schmitt

Created: 2007-03-13 18:29:37 UTC

Size: 1.16 KB

patch

obsolete

>--- ntfs-3g-1.0/src/ntfs-3g.c.org	2007-02-06 14:08:16.000000000 -0500
>+++ ntfs-3g-1.0/src/ntfs-3g.c	2007-03-13 14:22:38.000000000 -0400
>@@ -67,6 +67,8 @@
> #include <sys/xattr.h>
> #endif
> 
>+#include <sys/wait.h>
>+
> #include "attrib.h"
> #include "inode.h"
> #include "volume.h"
>@@ -224,7 +226,7 @@
> 	if (!buf)
> 		return -errno;
> 	while (1) {
>-		int i, j;
>+	int i, j;
> 
> 		br = ntfs_attr_pread(vol->lcnbmp_na, total,
> 				     vol->cluster_size, buf);
>@@ -2013,19 +2015,35 @@
> 	}
> }
> 
>+
>+int loadmod()
>+{
>+  pid_t pid;
>+  int status;
>+
>+  char *cmd = "/sbin/modprobe";
>+
>+  pid = fork();
>+  if(pid == 0) {
>+    execl(cmd, cmd, "fuse", NULL);
>+    return (-1);
>+  } else if (pid < 0)
>+    status = -1;
>+  else
>+    if(waitpid(pid, &status, 0) != pid)
>+      status = -1;
>+  return status;  
>+}
>+
>+
> static fuse_fstype load_fuse_module(void)
> {
> 	int i;
>-	struct stat st;
>-	const char *load_fuse_cmd = "/sbin/modprobe fuse";
> 	struct timespec req = { 0, 100000000 };   /* 100 msec */
> 	fuse_fstype fstype;
> 	
>-	if (stat("/sbin/modprobe", &st) == -1)
>-		load_fuse_cmd = "modprobe fuse";
>-	
> 	if (getuid() == 0)
>-		system(load_fuse_cmd);
>+	  loadmod();
> 	
> 	for (i = 0; i < 10; i++) {
> 		/*

Actions: View | Diff

Attachments on bug 232031: 149954 | 149967