RHEL-147214 - endless poll loop in http_write when POLLHUP is returned
Resolves: RHEL-147214
This commit is contained in:
Zdenek Dohnal
parent
d29c2e3b23
commit
99bcdb7733
@ -0,0 +1,44 @@
|
||||
From e2419c698922fb65ef62250a4588104021449b55 Mon Sep 17 00:00:00 2001
|
||||
From: Zdenek Dohnal <zdohnal@redhat.com>
|
||||
Date: Fri, 6 Mar 2026 08:31:47 +0100
|
||||
Subject: [PATCH] tls-gnutls.c: Do not check for errno after I/O operations
|
||||
|
||||
Based on gnutls_record_send/recv man pages, we should use the return
|
||||
value of the functions as indicator what happened in the function and do
|
||||
not look into errno at all.
|
||||
|
||||
Checking the errno value caused infinity loop in cupsd on busy servers
|
||||
if there were enough connection errors when cupsd wrote the response.
|
||||
|
||||
The patch is provided by Paul Zirnik from SUSE - thank you for the
|
||||
patch!
|
||||
|
||||
Fixes #827
|
||||
---
|
||||
cups/tls-gnutls.c | 4 ++--
|
||||
|
||||
diff --git a/cups/tls-gnutls.c b/cups/tls-gnutls.c
|
||||
index 64f2af372..5769d6313 100644
|
||||
--- a/cups/tls-gnutls.c
|
||||
+++ b/cups/tls-gnutls.c
|
||||
@@ -1208,7 +1208,7 @@ _httpTLSRead(http_t *http, /* I - Connection to server */
|
||||
|
||||
result = gnutls_record_recv(http->tls, buf, (size_t)len);
|
||||
|
||||
- if (result < 0 && !errno)
|
||||
+ if (result < 0)
|
||||
{
|
||||
/*
|
||||
* Convert GNU TLS error to errno value...
|
||||
@@ -1669,7 +1669,7 @@ _httpTLSWrite(http_t *http, /* I - Connection to server */
|
||||
|
||||
result = gnutls_record_send(http->tls, buf, (size_t)len);
|
||||
|
||||
- if (result < 0 && !errno)
|
||||
+ if (result < 0)
|
||||
{
|
||||
/*
|
||||
* Convert GNU TLS error to errno value...
|
||||
--
|
||||
2.53.0
|
||||
|
||||
@ -24,7 +24,7 @@ Summary: CUPS printing system
|
||||
Name: cups
|
||||
Epoch: 1
|
||||
Version: 2.3.3%{OP_VER}
|
||||
Release: 37%{?dist}
|
||||
Release: 38%{?dist}
|
||||
License: ASL 2.0
|
||||
Url: http://www.cups.org/
|
||||
# Apple stopped uploading the new versions into github, use OpenPrinting fork
|
||||
@ -182,6 +182,8 @@ Patch58: 0001-scheduler-Fix-possible-use_after_free-in-cupsdReadCl.patch
|
||||
# 0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch
|
||||
Patch59: 0001-Fix-various-issues-in-cupsd.patch
|
||||
Patch60: 0001-conf.c-Fix-stopping-scheduler-on-unknown-directive.patch
|
||||
# RHEL-147214 - endless poll loop in http_write when POLLHUP is returned
|
||||
Patch61: 0001-tls-gnutls.c-Do-not-check-for-errno-after-I-O-operat.patch
|
||||
|
||||
|
||||
##### Patches removed because IMHO they aren't no longer needed
|
||||
@ -486,6 +488,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in
|
||||
# RHEL-129740 CVE-2025-61915 cups: Local denial-of-service via cupsd.conf update and related issues
|
||||
%patch59 -p1 -b .config-issues
|
||||
%patch60 -p1 -b .ignore-unknown
|
||||
# RHEL-147214 - endless poll loop in http_write when POLLHUP is returned
|
||||
%patch61 -p1 -b .httpwrite-endless-poll
|
||||
|
||||
|
||||
%if %{lspp}
|
||||
@ -953,6 +957,9 @@ rm -f %{cups_serverbin}/backend/smb
|
||||
%{_mandir}/man7/ippeveps.7.gz
|
||||
|
||||
%changelog
|
||||
* Mon Mar 09 2026 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-38
|
||||
- RHEL-147214 - endless poll loop in http_write when POLLHUP is returned
|
||||
|
||||
* Fri Dec 12 2025 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-37
|
||||
- RHEL-129747 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack
|
||||
- RHEL-129740 CVE-2025-61915 cups: Local denial-of-service via cupsd.conf update and related issues
|
||||
|
||||
Loading…
Reference in New Issue
Block a user