File: 0004-CVE-2024-47076.patch

package info (click to toggle)
cups-filters 1.28.17-7
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 6,592 kB
  • sloc: ansic: 54,531; cpp: 7,037; sh: 1,911; makefile: 964; xml: 127; perl: 73; php: 28; python: 8
file content (30 lines) | stat: -rw-r--r-- 909 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
commit 95576ec3d20c109332d14672a807353cdc551018
Author: Zdenek Dohnal <zdohnal@redhat.com>
Date:   Thu Sep 26 23:09:29 2024 +0200

    cfGetPrinterAttributes5(): Validate response attributes before return
    
    The destination can be corrupted or forged, so validate the response
    to strenghten security measures.
    
    Fixes CVE-2024-47076

Index: cups-filters-1.28.17/cupsfilters/ipp.c
===================================================================
--- cups-filters-1.28.17.orig/cupsfilters/ipp.c	2024-09-27 15:56:02.498019369 +0200
+++ cups-filters-1.28.17/cupsfilters/ipp.c	2024-09-27 15:56:02.494019366 +0200
@@ -435,6 +435,14 @@
 	    ippDelete(response2);
 	  }
 	}
+
+	// Check if the response is valid
+	if (!ippValidateAttributes(response))
+	{
+	  ippDelete(response);
+	  response = NULL;
+	}
+
 	if (have_http == 0) httpClose(http_printer);
 	if (uri) free(uri);
 	return response;