SecBSD/ports
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix for CVE-2024-47175

Browse source
This commit is contained in:
purplerain 2024-09-30 21:03:18 +00:00
parent 9212a738ae
commit cdf102605f
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
5 changed files with 508 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
print/cups/patches/patch-scheduler_ipp_c
View file

@ -1,6 +1,8 @@
Increase timeout for the PPD file to be copied so that it doesn't fail
on low-end configurations.
Last chunk: fix for CVE-2024-47175.
Index: scheduler/ipp.c
--- scheduler/ipp.c.orig
+++ scheduler/ipp.c
@ -22,3 +24,17 @@ Index: scheduler/ipp.c
timeout.tv_usec = 0;
if ((i = select(maxfd, &input, NULL, NULL, &timeout)) < 0)
@@ -5415,6 +5415,13 @@ create_local_bg_thread(
}
ippDelete(response2);
}
+ }
+
+ // Validate response from printer...
+ if (!ippValidateAttributes(response))
+ {
+ send_ipp_status(con, IPP_STATUS_ERROR_DEVICE, _("Printer returned invalid data: %s"), cupsLastErrorString());
+ goto finish_response;
}
// TODO: Grab printer icon file...