From 41a3ae8f1682af8be348827d338856f361b6c2d7 Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Wed, 8 Feb 2017 16:22:45 -0500
Subject: [PATCH] apply patch for CVE-2017-0358. NOTE: Fedora does not setuid
 ntfs-3g, so it should not be vulnerable but some users might make this change
 so we applied the patch anyways

---
 ntfs-3g.spec                                  | 13 ++++++-
 ...3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch | 38 +++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch

diff --git a/ntfs-3g.spec b/ntfs-3g.spec
index 181d72e..3aa5525 100644
--- a/ntfs-3g.spec
+++ b/ntfs-3g.spec
@@ -16,7 +16,7 @@
 Name:		ntfs-3g
 Summary:	Linux NTFS userspace driver
 Version:	2016.2.22
-Release:	3%{?dist}
+Release:	4%{?dist}
 License:	GPLv2+
 Group:		System Environment/Base
 # Upstream source includes non-free ntfsprogs/boot.c
@@ -43,6 +43,11 @@ Obsoletes:	ntfsprogs-fuse
 Provides:	fuse-ntfs-3g = %{epoch}:%{version}-%{release}
 Patch0:		ntfs-3g_ntfsprogs-2011.10.9-RC-ntfsck-unsupported-return-0.patch
 Patch1:		CVE-2015-3202.patch
+# http://seclists.org/oss-sec/2017/q1/259
+# Fedora doesn't setuid ntfs-3g
+# but since it's possible some users might
+# we will patch it anyways.
+Patch2:		ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
 
 %description
 NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS 
@@ -88,6 +93,7 @@ included utilities see man 8 ntfsprogs after installation).
 %prep
 %setup -q -n %{name}_ntfsprogs-%{version}%{?subver}
 %patch0 -p1 -b .unsupported
+%patch2 -p1 -b .CVE20170358
 
 cp %{SOURCE2} ntfsprogs/boot.c
 
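Review bot: `Patch1: CVE-2015-3202.patch` is declared in the preamble, but no `%patch1` line appears in the visible part of `%prep`, where `%patch0` is followed directly by the new `%patch2`. If that patch is intentionally left unapplied (for example because this upstream release already carries the fix, which is an inference and not shown here), a comment next to the declaration such as `# Patch1 not applied: fixed upstream in <version>` would stop a reader from assuming the CVE-2015-3202 fix is active in this build. `%prep` continues past the hunk, so this should be checked against the full spec.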
@@ -298,6 +304,11 @@ cp -a %{SOURCE1} %{buildroot}%{_datadir}/hal/fdi/policy/10osvendor/
 %exclude %{_mandir}/man8/ntfs-3g*
 
 %changelog
+* Wed Feb  8 2017 Tom Callaway <spot@fedoraproject.org> - 2:2016.2.22-4
+- apply patch for CVE-2017-0358
+- NOTE: Fedora does not setuid ntfs-3g, so it should not be vulnerable 
+  but some users might make this change so we applied the patch anyways
+
 * Wed Nov  2 2016 Tom Callaway <spot@fedoraproject.org> - 2:2016.2.22-3
 - enable posix ACLS
 - enable xattr mappings
diff --git a/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch b/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
new file mode 100644
index 0000000..025e96a
--- /dev/null
+++ b/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
@@ -0,0 +1,38 @@
+diff -up ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c.CVE20170358 ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c
+--- ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c.CVE20170358	2017-02-08 16:08:08.133934273 -0500
++++ ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c	2017-02-08 16:08:42.652134630 -0500
+@@ -3827,13 +3827,14 @@ static fuse_fstype load_fuse_module(void
+ 	struct stat st;
+ 	pid_t pid;
+ 	const char *cmd = "/sbin/modprobe";
++	char *env = (char*)NULL;
+ 	struct timespec req = { 0, 100000000 };   /* 100 msec */
+ 	fuse_fstype fstype;
+         
+ 	if (!stat(cmd, &st) && !geteuid()) {
+ 		pid = fork();
+ 		if (!pid) {
+-			execl(cmd, cmd, "fuse", NULL);
++			execle(cmd, cmd, "fuse", NULL, &env);
+ 			_exit(1);
+ 		} else if (pid != -1)
+ 			waitpid(pid, NULL, 0);
+diff -up ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c.CVE20170358 ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c
+--- ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c.CVE20170358	2017-02-08 16:09:05.923595527 -0500
++++ ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c	2017-02-08 16:09:42.448749391 -0500
+@@ -3612,13 +3612,14 @@ static fuse_fstype load_fuse_module(void
+ 	struct stat st;
+ 	pid_t pid;
+ 	const char *cmd = "/sbin/modprobe";
++	char *env = (char*)NULL;
+ 	struct timespec req = { 0, 100000000 };   /* 100 msec */
+ 	fuse_fstype fstype;
+ 	
+ 	if (!stat(cmd, &st) && !geteuid()) {
+ 		pid = fork();
+ 		if (!pid) {
+-			execl(cmd, cmd, "fuse", NULL);
++			execle(cmd, cmd, "fuse", NULL, &env);
+ 			_exit(1);
+ 		} else if (pid != -1)
+ 			waitpid(pid, NULL, 0);
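Review bot: The empty environment handed to `execle()` is uncommented and easy to misread: `&env` is a valid envp only because `env` is a lone NULL pointer standing in for a one-element array. Declaring `char *const envp[] = { NULL };` and calling `execle(cmd, cmd, "fuse", (char *)NULL, envp);` says the same thing directly, and the cast on the argument-list terminator keeps the variadic call correct on platforms where `NULL` is a plain integer constant. A comment such as `/* empty environment: modprobe runs as root and must not inherit variables from the invoking user */` would record why the environment is dropped. The same applies to the identical inner hunk for src/lowntfs-3g.c above, and `load_fuse_module()` starts and ends outside both hunks.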