From f78ec4e753b2754bb6931c123d42be7c0fdfce83 Mon Sep 17 00:00:00 2001 From: Zdenek Dohnal Date: Fri, 3 Nov 2023 10:43:58 +0100 Subject: [PATCH] RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" Resolves: RHEL-14933 --- cups-preservejob-leak.patch | 31 +++++++++++++++++++++++++++++++ cups.spec | 9 ++++++++- 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 cups-preservejob-leak.patch diff --git a/cups-preservejob-leak.patch b/cups-preservejob-leak.patch new file mode 100644 index 0000000..c1c132d --- /dev/null +++ b/cups-preservejob-leak.patch @@ -0,0 +1,31 @@ +diff --git a/scheduler/colorman.c b/scheduler/colorman.c +index 8af4e5c..9bfdb0c 100644 +--- a/scheduler/colorman.c ++++ b/scheduler/colorman.c +@@ -1083,7 +1083,7 @@ colord_create_profile( + + dbus_message_iter_get_basic(&args, &profile_path); + cupsdLogMessage(CUPSD_LOG_DEBUG, "Created profile \"%s\".", profile_path); +- cupsArrayAdd(profiles, strdup(profile_path)); ++ cupsArrayAdd(profiles, profile_path); + + out: + +diff --git a/scheduler/job.c b/scheduler/job.c +index 0223bee..47d4c72 100644 +--- a/scheduler/job.c ++++ b/scheduler/job.c +@@ -1496,11 +1496,11 @@ cupsdDeleteJob(cupsd_job_t *job, /* I - Job */ + job->num_files = 0; + } + ++ unload_job(job); ++ + if (job->history) + free_job_history(job); + +- unload_job(job); +- + cupsArrayRemove(Jobs, job); + cupsArrayRemove(ActiveJobs, job); + cupsArrayRemove(PrintingJobs, job); diff --git a/cups.spec b/cups.spec index f51dff1..177faf9 100644 --- a/cups.spec +++ b/cups.spec @@ -22,7 +22,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.2.6 -Release: 54%{?dist} +Release: 55%{?dist} License: GPLv2+ and LGPLv2 with exceptions and AML Url: http://www.cups.org/ Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz @@ -164,6 +164,8 @@ Patch83: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch Patch84: 0001-cups-strlcpy-handle-zero-size.patch # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation Patch85: 0001-Require-authentication-for-CUPS-Get-Document.patch +# RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" +Patch86: cups-preservejob-leak.patch Patch1000: cups-lspp.patch @@ -465,6 +467,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results. %patch84 -p1 -b .cve32324 # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation %patch85 -p1 -b .get-document-auth +# RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" +%patch86 -p1 -b .preservejob-leak sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in @@ -891,6 +895,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man5/ipptoolfile.5.gz %changelog +* Fri Nov 03 2023 Zdenek Dohnal - 1:2.2.6-55 +- RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" + * Tue Sep 12 2023 Zdenek Dohnal - 1:2.2.6-54 - RHEL-2612 - cups pulls an unneeded dependency on python3