From dbefc1a655425ed608a482dc34eff56ae28e8110 Mon Sep 17 00:00:00 2001
From: Jiri Popelka <jpopelka@redhat.com>
Date: Fri, 21 Sep 2012 16:15:55 +0200
Subject: [PATCH] backport fixes for STR #4072, STR #4124
---
cups-str4072.patch | 118 +++++++++++++++++++++++++++++++++++++++++++++
cups-str4124.patch | 12 +++++
cups.spec | 23 ++++++---
3 files changed, 147 insertions(+), 6 deletions(-)
create mode 100644 cups-str4072.patch
create mode 100644 cups-str4124.patch
diff --git a/cups-str4072.patch b/cups-str4072.patch
new file mode 100644
index 0000000..d27669c
--- /dev/null
+++ b/cups-str4072.patch
@@ -0,0 +1,118 @@
+diff -up cups-1.5.4/scheduler/ipp.c.str4072 cups-1.5.4/scheduler/ipp.c
+--- cups-1.5.4/scheduler/ipp.c.str4072 2012-09-21 16:12:17.804952422 +0200
++++ cups-1.5.4/scheduler/ipp.c 2012-09-21 16:13:15.032165941 +0200
+@@ -12131,7 +12131,8 @@ validate_job(cupsd_client_t *con, /* I
+ http_status_t status; /* Policy status */
+ ipp_attribute_t *attr, /* Current attribute */
+ *auth_info; /* auth-info attribute */
+- ipp_attribute_t *format; /* Document-format attribute */
++ ipp_attribute_t *format, /* Document-format attribute */
++ *name; /* Job-name attribute */
+ cups_ptype_t dtype; /* Destination type (printer/class) */
+ char super[MIME_MAX_SUPER],
+ /* Supertype of file */
+@@ -12158,7 +12159,7 @@ validate_job(cupsd_client_t *con, /* I
+ )
+ {
+ send_ipp_status(con, IPP_ATTRIBUTES,
+- _("Unsupported compression \"%s\"."),
++ _("Unsupported 'compression' value \"%s\"."),
+ attr->values[0].string.text);
+ ippAddString(con->response, IPP_TAG_UNSUPPORTED_GROUP, IPP_TAG_KEYWORD,
+ "compression", NULL, attr->values[0].string.text);
+@@ -12176,7 +12177,8 @@ validate_job(cupsd_client_t *con, /* I
+ if (sscanf(format->values[0].string.text, "%15[^/]/%31[^;]",
+ super, type) != 2)
+ {
+- send_ipp_status(con, IPP_BAD_REQUEST, _("Bad document-format \"%s\"."),
++ send_ipp_status(con, IPP_BAD_REQUEST,
++ _("Bad 'document-format' value \"%s\"."),
+ format->values[0].string.text);
+ return;
+ }
+@@ -12187,7 +12189,7 @@ validate_job(cupsd_client_t *con, /* I
+ cupsdLogMessage(CUPSD_LOG_INFO,
+ "Hint: Do you have the raw file printing rules enabled?");
+ send_ipp_status(con, IPP_DOCUMENT_FORMAT,
+- _("Unsupported document-format \"%s\"."),
++ _("Unsupported 'document-format' value \"%s\"."),
+ format->values[0].string.text);
+ ippAddString(con->response, IPP_TAG_UNSUPPORTED_GROUP, IPP_TAG_MIMETYPE,
+ "document-format", NULL, format->values[0].string.text);
+@@ -12195,6 +12197,76 @@ validate_job(cupsd_client_t *con, /* I
+ }
+ }
+
++ /*
++ * Is the job-name valid?
++ */
++
++ if ((name = ippFindAttribute(con->request, "job-name", IPP_TAG_ZERO)) != NULL)
++ {
++ int bad_name = 0; /* Is the job-name value bad? */
++
++ if ((name->value_tag != IPP_TAG_NAME && name->value_tag != IPP_TAG_NAMELANG) ||
++ name->num_values != 1)
++ {
++ bad_name = 1;
++ }
++ else
++ {
++ /*
++ * Validate that job-name conforms to RFC 5198 (Network Unicode) and
++ * IPP Everywhere requirements for "name" values...
++ */
++
++ const unsigned char *nameptr; /* Pointer into "job-name" attribute */
++
++ for (nameptr = (unsigned char *)name->values[0].string.text;
++ *nameptr;
++ nameptr ++)
++ {
++ if (*nameptr < ' ' && *nameptr != '\t')
++ break;
++ else if (*nameptr == 0x7f)
++ break;
++ else if ((*nameptr & 0xe0) == 0xc0)
++ {
++ if ((nameptr[1] & 0xc0) != 0x80)
++ break;
++
++ nameptr ++;
++ }
++ else if ((*nameptr & 0xf0) == 0xe0)
++ {
++ if ((nameptr[1] & 0xc0) != 0x80 ||
++ (nameptr[2] & 0xc0) != 0x80)
++ break;
++
++ nameptr += 2;
++ }
++ else if ((*nameptr & 0xf8) == 0xf0)
++ {
++ if ((nameptr[1] & 0xc0) != 0x80 ||
++ (nameptr[2] & 0xc0) != 0x80 ||
++ (nameptr[3] & 0xc0) != 0x80)
++ break;
++
++ nameptr += 3;
++ }
++ else if (*nameptr & 0x80)
++ break;
++ }
++
++ if (*nameptr)
++ bad_name = 1;
++ }
++
++ if (bad_name)
++ {
++ cupsdLogMessage(CUPSD_LOG_WARN,
++ "Unsupported 'job-name' value, deleting from request.");
++ ippDeleteAttribute(con->request, name);
++ }
++ }
++
+ /*
+ * Is the destination valid?
+ */
diff --git a/cups-str4124.patch b/cups-str4124.patch
new file mode 100644
index 0000000..338369a
--- /dev/null
+++ b/cups-str4124.patch
@@ -0,0 +1,12 @@
+diff -up cups-1.5.4/cups/backend.c.str4124 cups-1.5.4/cups/backend.c
+--- cups-1.5.4/cups/backend.c.str4124 2012-01-30 22:50:42.000000000 +0100
++++ cups-1.5.4/cups/backend.c 2012-09-21 16:02:42.638864512 +0200
+@@ -125,7 +125,7 @@ quote_string(const char *s) /* I - Stri
+ if (*s == '\\' || *s == '\"')
+ putchar('\\');
+
+- if (*s == '\n')
++ if (((*s & 255) < ' ' && *s != '\t') || *s == 0x7f)
+ putchar(' ');
+ else
+ putchar(*s);
diff --git a/cups.spec b/cups.spec
index 864a145..7d68cf3 100644
--- a/cups.spec
+++ b/cups.spec
@@ -12,7 +12,7 @@
Summary: Common Unix Printing System
Name: cups
Version: 1.5.4
-Release: 6%{?dist}
+Release: 7%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@@ -70,9 +70,11 @@ Patch34: cups-avahi-5-services.patch
Patch35: cups-icc.patch
Patch36: cups-systemd-socket.patch
+Patch37: cups-ipp-no-create-job.patch
Patch40: cups-r10572.patch
-Patch41: cups-ipp-no-create-job.patch
+Patch41: cups-str4072.patch
+Patch42: cups-str4124.patch
Patch100: cups-lspp.patch
@@ -296,12 +298,18 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
# Poettering).
%patch36 -p1 -b .systemd-socket
-# CUPS now includes the port number in the Host: header for HTTP requests. (r10572)
-%patch40 -p1 -b .r10572
-
# Don't use the IPP Create-Job operation, widely implemented
# unreliably (bug #854989).
-%patch41 -p1 -b .ipp-no-create-job
+%patch37 -p1 -b .ipp-no-create-job
+
+# CUPS now includes the port number in the Host: header for HTTP requests. (r10572)
+%patch40 -p1 -b .r10572
+# The scheduler no longer allows job-name values
+# that are not valid network Unicode strings (STR #4072)
+%patch41 -p1 -b .str4072
+# cupsBackendReport() now filters out all control characters
+# from the reported 1284 device IDs (STR #4124)
+%patch42 -p1 -b .str4124
%if %lspp
# LSPP support.
@@ -663,6 +671,9 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man1/ipptool.1.gz
%changelog
+* Fri Sep 21 2012 Jiri Popelka <jpopelka@redhat.com> 1:1.5.4-7
+- backport fixes for STR #4072, STR #4124
+
* Thu Sep 20 2012 Tim Waugh <twaugh@redhat.com> 1:1.5.4-6
- The cups-libs subpackage contains code distributed under the zlib
license (md5.c).