RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"

Resolves: RHEL-14931
2023-11-02 15:01:59 +01:00 · 2023-11-02 15:01:59 +01:00 · bb06a744a8
commit bb06a744a8
parent 4aa5ef7f6d
2 changed files with 39 additions and 1 deletions
--- a/cups-preservejobfiles-leak.patch
+++ b/cups-preservejobfiles-leak.patch
@ -0,0 +1,31 @@
+diff --git a/scheduler/colorman.c b/scheduler/colorman.c
+index 8af4e5c..9bfdb0c 100644
+--- a/scheduler/colorman.c
+++ b/scheduler/colorman.c
+@@ -1083,7 +1083,7 @@ colord_create_profile(
+ 
+   dbus_message_iter_get_basic(&args, &profile_path);
+   cupsdLogMessage(CUPSD_LOG_DEBUG, "Created profile \"%s\".", profile_path);
+-  cupsArrayAdd(profiles, strdup(profile_path));
+  cupsArrayAdd(profiles, profile_path);
+ 
+ out:
+ 
+diff --git a/scheduler/job.c b/scheduler/job.c
+index 0223bee..47d4c72 100644
+--- a/scheduler/job.c
+++ b/scheduler/job.c
+@@ -1496,11 +1496,11 @@ cupsdDeleteJob(cupsd_job_t       *job,	/* I - Job */
+     job->num_files = 0;
+   }
+ 
+  unload_job(job);
+
+   if (job->history)
+     free_job_history(job);
+ 
+-  unload_job(job);
+-
+   cupsArrayRemove(Jobs, job);
+   cupsArrayRemove(ActiveJobs, job);
+   cupsArrayRemove(PrintingJobs, job);
--- a/cups.spec
+++ b/cups.spec
@ -24,7 +24,7 @@ Summary: CUPS printing system
 Name: cups
 Epoch: 1
 Version: 2.3.3%{OP_VER}
-Release: 21%{?dist}
+Release: 22%{?dist}
 License: ASL 2.0
 Url: http://www.cups.org/
 # Apple stopped uploading the new versions into github, use OpenPrinting fork
@ -126,6 +126,8 @@ Patch34: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch
 Patch35: 0001-cups-strlcpy-handle-zero-size.patch
 # CVE-2023-32360 cups:  Information leak through Cups-Get-Document operation
 Patch36: 0001-Require-authentication-for-CUPS-Get-Document.patch
+# RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+Patch37: cups-preservejobfiles-leak.patch


 ##### Patches removed because IMHO they aren't no longer needed
@ -381,6 +383,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in
 %patch35 -p1 -b .cve32324
 # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation
 %patch36 -p1 -b .get-document-auth
+# RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+%patch37 -p1 -b .preservejobfiles-leak

 %if %{lspp}
 # LSPP support.
@ -815,6 +819,9 @@ rm -f %{cups_serverbin}/backend/smb
 %{_mandir}/man7/ippeveps.7.gz

 %changelog
+* Thu Nov 02 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-22
+- RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+
 * Tue Aug 29 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-21
 - bump the spec because the previous build was made with buildroot 9.2