main/libcupsfilters: backport cve patch
1 parent
3e552e8
commit 466dc62
Showing 2 changed files with 34 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
From 95576ec3d20c109332d14672a807353cdc551018 Mon Sep 17 00:00:00 2001 | ||
From: Zdenek Dohnal <[email protected]> | ||
Date: Thu, 26 Sep 2024 23:09:29 +0200 | ||
Subject: [PATCH] cfGetPrinterAttributes5(): Validate response attributes | ||
before return | ||
|
||
The destination can be corrupted or forged, so validate the response | ||
to strenghten security measures. | ||
|
||
Fixes CVE-2024-47076 | ||
--- | ||
cupsfilters/ipp.c | 8 ++++++++ | ||
1 file changed, 8 insertions(+) | ||
|
||
diff --git a/cupsfilters/ipp.c b/cupsfilters/ipp.c | ||
index 8d6a9b3d..db10cb3f 100644 | ||
--- a/cupsfilters/ipp.c | ||
+++ b/cupsfilters/ipp.c | ||
@@ -404,6 +404,14 @@ cfGetPrinterAttributes5(http_t *http_printer, | ||
ippDelete(response2); | ||
} | ||
} | ||
+ | ||
+ // Check if the response is valid | ||
+ if (!ippValidateAttributes(response)) | ||
+ { | ||
+ ippDelete(response); | ||
+ response = NULL; | ||
+ } | ||
+ | ||
if (have_http == 0) httpClose(http_printer); | ||
if (uri) free(uri); | ||
return (response); |
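Review bot: The new check placed before `if (have_http == 0) httpClose(http_printer);` calls `ippValidateAttributes(response)` without first testing `response`. The context lines do not show whether `response` can already be NULL at this point, so either confirm that it cannot or change the condition to `if (response && !ippValidateAttributes(response))`. The rejection path is also silent: when validation fails the function deletes the response and returns NULL with no message, so a log line at that branch would let an operator tell a rejected (corrupted or forged) printer response apart from other failures. Since the function can now return NULL for a printer that did answer, it is worth checking that callers of cfGetPrinterAttributes5() handle a NULL return.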