new file mode 100644
@@ -0,0 +1,36 @@
+From 838b6e35b43062353998853eab50cd0675201ed7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Tue, 21 Sep 2021 10:54:50 +0200
+Subject: [PATCH] Made sure there is no null character in an attribute name
+
+When copying an attribute name which contains a null, it is truncated
+and this may lead to accessing non-allocated bytes when relying on the
+expected name length. Such names must therefore be rejected.
+
+CVE: CVE-2022-30786
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <Omkar.Patil@kpit.com>
+
+---
+ libntfs-3g/attrib.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/libntfs-3g/attrib.c
++++ b/libntfs-3g/attrib.c
+@@ -426,7 +426,15 @@ ntfs_attr *ntfs_attr_open(ntfs_inode *ni
+ na = ntfs_calloc(sizeof(ntfs_attr));
+ if (!na)
+ goto out;
++ if (!name_len)
++ name = (ntfschar*)NULL;
+ if (name && name != AT_UNNAMED && name != NTFS_INDEX_I30) {
++ /* A null char leads to a short name and unallocated bytes */
++ if (ntfs_ucsnlen(name, name_len) != name_len) {
++ ntfs_log_error("Null character in attribute name"
++ " of inode %lld\n",(long long)ni->mft_no);
++ goto err_out;
++ }
+ name = ntfs_ucsndup(name, name_len);
+ if (!name)
+ goto err_out;
new file mode 100644
@@ -0,0 +1,45 @@
+From 5ce8941bf47291cd6ffe7cdb1797253f1cc3a86f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Fri, 5 Nov 2021 08:41:20 +0100
+Subject: [PATCH] Made sure there is no null character in an attribute name
+ (bis)
+
+When copying an attribute name which contains a null, it is truncated
+and this may lead to accessing non-allocated bytes when relying on the
+expected name length. Such (illegal) names must therefore be rejected.
+
+CVE: CVE-2022-30786
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <Omkar.Patil@kpit.com>
+
+---
+ libntfs-3g/attrib.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c
+index 51c8536f..efb91943 100644
+--- a/libntfs-3g/attrib.c
++++ b/libntfs-3g/attrib.c
+@@ -452,8 +452,19 @@ ntfs_attr *ntfs_attr_open(ntfs_inode *ni, const ATTR_TYPES type,
+
+ if (!name) {
+ if (a->name_length) {
+- name = ntfs_ucsndup((ntfschar*)((u8*)a + le16_to_cpu(
+- a->name_offset)), a->name_length);
++ ntfschar *attr_name;
++
++ attr_name = (ntfschar*)((u8*)a
++ + le16_to_cpu(a->name_offset));
++ /* A null character leads to illegal memory access */
++ if (ntfs_ucsnlen(attr_name, a->name_length)
++ != a->name_length) {
++ ntfs_log_error("Null character in attribute"
++ " name in inode %lld\n",
++ (long long)ni->mft_no);
++ goto put_err_out;
++ }
++ name = ntfs_ucsndup(attr_name, a->name_length);
+ if (!name)
+ goto put_err_out;
+ newname = name;
@@ -12,6 +12,8 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
file://CVE-2022-30783.patch \
file://CVE-2022-30784.patch \
file://CVE-2022-30785_30787.patch \
+ file://CVE-2022-30786-1.patch \
+ file://CVE-2022-30786-2.patch \
"
S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"