From 996ab1752eca062e6fcea128e54c41ebef2bf416 Mon Sep 17 00:00:00 2001 From: Marek Kasik Date: Wed, 17 Oct 2012 11:08:47 +0200 Subject: [PATCH] Update to 0.2.4 Resolves CVE-2012-4510 Revert stricter validation of printer names --- .gitignore | 1 + ...ricter-when-validating-printer-names.patch | 54 +++++++++++++++++++ cups-pk-helper.spec | 11 +++- sources | 2 +- 4 files changed, 65 insertions(+), 3 deletions(-) create mode 100644 0001-Be-stricter-when-validating-printer-names.patch diff --git a/.gitignore b/.gitignore index 50f717a..08cf220 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ cups-pk-helper-0.0.4.tar.bz2 /cups-pk-helper-0.1.3.tar.bz2 /cups-pk-helper-0.2.1.tar.bz2 /cups-pk-helper-0.2.2.tar.bz2 +/cups-pk-helper-0.2.4.tar.bz2 diff --git a/0001-Be-stricter-when-validating-printer-names.patch b/0001-Be-stricter-when-validating-printer-names.patch new file mode 100644 index 0000000..0a6ba60 --- /dev/null +++ b/0001-Be-stricter-when-validating-printer-names.patch @@ -0,0 +1,54 @@ +From 7bf9cbe43ef8f648f308e4760f75c2aa6b61fa8e Mon Sep 17 00:00:00 2001 +From: Vincent Untz +Date: Tue, 27 Mar 2012 17:47:07 +0200 +Subject: [PATCH] Be stricter when validating printer names + +Only alphanumerical characters and the underscore are valid, and the +name must not be longer than 127 characters. See +http://www.cups.org/documentation.php/doc-1.1/sam.html#4_1 +--- + src/cups.c | 20 +++++++++++--------- + 1 file changed, 11 insertions(+), 9 deletions(-) + +diff --git a/src/cups.c b/src/cups.c +index 332abbe..1b2562b 100644 +--- a/src/cups.c ++++ b/src/cups.c +@@ -287,23 +287,25 @@ _cph_cups_is_printer_name_valid_internal (const char *name) + int i; + int len; + ++ /* Quoting http://www.cups.org/documentation.php/doc-1.1/sam.html#4_1: ++ * ++ * The printer name must start with any printable character except ++ * " ", "/", and "@". It can contain up to 127 letters, numbers, and ++ * the underscore (_). ++ * ++ * The first part is a bit weird, as the second part is more ++ * restrictive. So we only consider the second part. */ ++ + /* no empty string */ + if (!name || name[0] == '\0') + return FALSE; + + len = strlen (name); +- /* no string that is too long; see comment at the beginning of the +- * validation code block */ +- if (len > CPH_STR_MAXLEN) ++ if (len > 127) + return FALSE; + +- /* only printable characters, no space, no /, no # */ + for (i = 0; i < len; i++) { +- if (!g_ascii_isprint (name[i])) +- return FALSE; +- if (g_ascii_isspace (name[i])) +- return FALSE; +- if (name[i] == '/' || name[i] == '#') ++ if (!g_ascii_isalnum (name[i]) && name[i] != '_') + return FALSE; + } + +-- +1.7.12.1 + diff --git a/cups-pk-helper.spec b/cups-pk-helper.spec index 8dd2b05..9b0a8c0 100644 --- a/cups-pk-helper.spec +++ b/cups-pk-helper.spec @@ -1,6 +1,6 @@ Name: cups-pk-helper -Version: 0.2.2 -Release: 2%{?dist} +Version: 0.2.4 +Release: 1%{?dist} Summary: A helper that makes system-config-printer use PolicyKit Group: System Environment/Base @@ -9,6 +9,7 @@ URL: http://www.vuntz.net/download/cups-pk-helper/ Source0: http://cgit.freedesktop.org/cups-pk-helper/snapshot/cups-pk-helper-%{version}.tar.bz2 Patch0: polkit_result.patch +Patch1: 0001-Be-stricter-when-validating-printer-names.patch BuildRequires: libtool >= 1.4.3 BuildRequires: cups-devel >= 1.2 @@ -38,6 +39,7 @@ interfaces available under control of PolicyKit. %setup -q %patch0 -p1 -b .polkit-result +%patch1 -p1 -R -b .strict-names %build @@ -65,6 +67,11 @@ make install DESTDIR=$RPM_BUILD_ROOT %changelog +* Wed Oct 17 2012 Marek Kasik - 0.2.4-1 +- Update to 0.2.4 +- Resolves CVE-2012-4510 +- Revert stricter validation of printer names + * Wed Jul 18 2012 Fedora Release Engineering - 0.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild diff --git a/sources b/sources index 9c6379a..d73a36f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -848ed420884b7c528eb697047fa1ca52 cups-pk-helper-0.2.2.tar.bz2 +a039ec6ba20f85a26b2807b28968a749 cups-pk-helper-0.2.4.tar.bz2