From 4dd87a0377fac8b75fdc04a58c6b70cb55af3f9f Mon Sep 17 00:00:00 2001 From: Richard Lescak Date: Thu, 20 Jan 2022 09:02:19 +0100 Subject: [PATCH] 1964975 - memory leaks in http_tls_upgrade() and _cupsEncodeOption() Resolves: rhbz#1964975 --- ...http-encode-memleaks-fixes-issue-322.patch | 37 +++++++++++++++++++ cups.spec | 10 ++++- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 0001-cups-http-encode-memleaks-fixes-issue-322.patch diff --git a/0001-cups-http-encode-memleaks-fixes-issue-322.patch b/0001-cups-http-encode-memleaks-fixes-issue-322.patch new file mode 100644 index 0000000..3aaeb26 --- /dev/null +++ b/0001-cups-http-encode-memleaks-fixes-issue-322.patch @@ -0,0 +1,37 @@ +From d9924186325c89aefa56e36258f56f246dd2c4ad Mon Sep 17 00:00:00 2001 +From: Richard Lescak +Date: Tue, 11 Jan 2022 10:53:34 +0100 +Subject: [PATCH] cups/http.c,encode.c: Fix memory leaks + +--- + CHANGES.md | 3 ++- + cups/encode.c | 1 + + cups/http.c | 1 + + 3 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/cups/encode.c b/cups/encode.c +index 5bcbf6fe5..15b1c6b40 100644 +--- a/cups/encode.c ++++ b/cups/encode.c +@@ -655,6 +655,7 @@ _cupsEncodeOption( + ippSetCollection(ipp, &attr, i, collection); + cupsEncodeOptions2(collection, num_cols, cols, IPP_TAG_JOB); + cupsFreeOptions(num_cols, cols); ++ ippDelete(collection); + break; + + default : +diff --git a/cups/http.c b/cups/http.c +index bd41e6f8e..4b6a24bd3 100644 +--- a/cups/http.c ++++ b/cups/http.c +@@ -4624,6 +4624,7 @@ http_tls_upgrade(http_t *http) /* I - HTTP connection */ + * Restore the HTTP request data... + */ + ++ httpClearFields(http); + memcpy(http->_fields, myhttp._fields, sizeof(http->_fields)); + memcpy(http->fields, myhttp.fields, sizeof(http->fields)); + +-- +2.31.1 diff --git a/cups.spec b/cups.spec index c704557..023206c 100644 --- a/cups.spec +++ b/cups.spec @@ -17,7 +17,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.3.3%{OP_VER} -Release: 11%{?dist} +Release: 12%{?dist} License: ASL 2.0 Url: http://www.cups.org/ # Apple stopped uploading the new versions into github, use OpenPrinting fork @@ -94,6 +94,9 @@ Patch23: 0001-Add-with-idle-exit-timeout-configure-option.patch Patch24: 0001-Add-with-systemd-timeoutstartsec-configure-option.patch # 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5 Patch25: cups-fips-restrict-md5.patch +# Memory leak fixes (bug #1964975) +# https://github.com/OpenPrinting/cups/pull/322 +Patch26: 0001-cups-http-encode-memleaks-fixes-issue-322.patch ##### Patches removed because IMHO they aren't no longer needed @@ -320,6 +323,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch24 -p1 -b .conf-timeoutstartsec # 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5 %patch25 -p1 -b .restrict-md5 +# 1964975 - Memory leak fixes +%patch26 -p1 -b .memleak-fixes %if %{lspp} @@ -744,6 +749,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Wed Jan 12 2022 Richard Lescak - 1:2.3.3op2-12 +- 1964975 - memory leaks in http_tls_upgrade() and _cupsEncodeOption() + * Mon Dec 06 2021 Zdenek Dohnal - 1:2.3.3op2-11 - 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5