diff --git a/0004-add-nullptr-check-in-fuse_session_mount.patch b/0004-add-nullptr-check-in-fuse_session_mount.patch new file mode 100644 index 0000000000000000000000000000000000000000..65c20bfccc16de66498cc8fead8f2d5b0c5e5e7b --- /dev/null +++ b/0004-add-nullptr-check-in-fuse_session_mount.patch @@ -0,0 +1,49 @@ +From f88e08f34d2d4f398f23797707e1c50cd306e405 Mon Sep 17 00:00:00 2001 +From: Bernd Schubert +Date: Tue, 25 Jun 2024 07:05:19 +0200 +Subject: [PATCH] Add nullptr check in fuse_session_mount + +The pointer did not have any sanity check. + +Addresses https://github.com/libfuse/libfuse/issues/979 + +--- + lib/fuse_lowlevel.c | 5 +++++ + lib/mount_util.c | 5 +++++ + 2 files changed, 10 insertions(+) + +diff --git a/lib/fuse_lowlevel.c b/lib/fuse_lowlevel.c +index fdef193..47c3065 100644 +--- a/lib/fuse_lowlevel.c ++++ b/lib/fuse_lowlevel.c +@@ -3145,6 +3145,11 @@ int fuse_session_mount(struct fuse_session *se, const char *mountpoint) + { + int fd; + ++ if (mountpoint == NULL) { ++ fuse_log(FUSE_LOG_ERR, "Invalid null-ptr mountpoint!\n"); ++ return -1; ++ } ++ + /* + * Make sure file descriptors 0, 1 and 2 are open, otherwise chaos + * would ensue. +diff --git a/lib/mount_util.c b/lib/mount_util.c +index 8027a2e..c90ba92 100644 +--- a/lib/mount_util.c ++++ b/lib/mount_util.c +@@ -363,6 +363,11 @@ int fuse_mnt_parse_fuse_fd(const char *mountpoint) + int fd = -1; + int len = 0; + ++ if (mountpoint == NULL) { ++ fprintf(stderr, "Invalid null-ptr mount-point!\n"); ++ return -1; ++ } ++ + if (sscanf(mountpoint, "/dev/fd/%u%n", &fd, &len) == 1 && + len == strlen(mountpoint)) { + return fd; +-- +2.27.0 + diff --git a/fuse3.spec b/fuse3.spec index f126f4e58be60851cd450eb72c88468f38d34542..1aa525474d48832e474b469e7c0c7c3bce77a22a 100644 --- a/fuse3.spec +++ b/fuse3.spec @@ -2,7 +2,7 @@ Name: fuse3 Version: %{fuse3ver} -Release: 2 +Release: 3 Summary: User space File System of fuse3 License: GPL+ and LGPLv2+ URL: http://fuse.sf.net @@ -12,6 +12,7 @@ Source1: fuse.conf Patch1: 0001-fix-chown-and-mknod-failed.patch Patch2: 0002-revert-fuse_daemonize-chdir-to-even-if-not-run.patch Patch3: 0003-fix-missing-fuse_loop_cfg_destroy-in-fuse_session_lo.patch +Patch4: 0004-add-nullptr-check-in-fuse_session_mount.patch BuildRequires: libselinux-devel, pkgconfig, systemd-udev, meson, fdupes BuildRequires: autoconf, automake, libtool, gettext-devel, ninja-build @@ -102,6 +103,9 @@ install -p -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir} %{_mandir}/man8/* %changelog +* Tue Aug 27 2024 yanshuai -3.16.2-3 +- Add nullptr check in fuse_session_mount + * Wed Jul 24 2024 kouwenqi -3.16.2-2 - Fix missing fuse_loop_cfg_destroy() in fuse_session_loop_mt_31 (#944)