RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"

Resolves: RHEL-14933
2023-11-03 10:43:58 +01:00 · 2023-11-03 10:43:58 +01:00 · f78ec4e753
commit f78ec4e753
parent 114ceaf37c
2 changed files with 39 additions and 1 deletions
--- a/cups-preservejob-leak.patch
+++ b/cups-preservejob-leak.patch
@ -0,0 +1,31 @@
+diff --git a/scheduler/colorman.c b/scheduler/colorman.c
+index 8af4e5c..9bfdb0c 100644
+--- a/scheduler/colorman.c
+++ b/scheduler/colorman.c
+@@ -1083,7 +1083,7 @@ colord_create_profile(
+ 
+   dbus_message_iter_get_basic(&args, &profile_path);
+   cupsdLogMessage(CUPSD_LOG_DEBUG, "Created profile \"%s\".", profile_path);
+-  cupsArrayAdd(profiles, strdup(profile_path));
+  cupsArrayAdd(profiles, profile_path);
+ 
+ out:
+ 
+diff --git a/scheduler/job.c b/scheduler/job.c
+index 0223bee..47d4c72 100644
+--- a/scheduler/job.c
+++ b/scheduler/job.c
+@@ -1496,11 +1496,11 @@ cupsdDeleteJob(cupsd_job_t       *job,	/* I - Job */
+     job->num_files = 0;
+   }
+ 
+  unload_job(job);
+
+   if (job->history)
+     free_job_history(job);
+ 
+-  unload_job(job);
+-
+   cupsArrayRemove(Jobs, job);
+   cupsArrayRemove(ActiveJobs, job);
+   cupsArrayRemove(PrintingJobs, job);
--- a/cups.spec
+++ b/cups.spec
@ -22,7 +22,7 @@ Summary: CUPS printing system
 Name: cups
 Epoch: 1
 Version: 2.2.6
-Release: 54%{?dist}
+Release: 55%{?dist}
 License: GPLv2+ and LGPLv2 with exceptions and AML
 Url: http://www.cups.org/
 Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz
@ -164,6 +164,8 @@ Patch83: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch
 Patch84: 0001-cups-strlcpy-handle-zero-size.patch
 # CVE-2023-32360 cups:  Information leak through Cups-Get-Document operation
 Patch85: 0001-Require-authentication-for-CUPS-Get-Document.patch
+# RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+Patch86: cups-preservejob-leak.patch

 Patch1000: cups-lspp.patch

@ -465,6 +467,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
 %patch84 -p1 -b .cve32324
 # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation
 %patch85 -p1 -b .get-document-auth
+# RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+%patch86 -p1 -b .preservejob-leak

 sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in

@ -891,6 +895,9 @@ rm -f %{cups_serverbin}/backend/smb
 %{_mandir}/man5/ipptoolfile.5.gz

 %changelog
+* Fri Nov 03 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.2.6-55
+- RHEL-14933 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off"
+
 * Tue Sep 12 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.2.6-54
 - RHEL-2612 - cups pulls an unneeded dependency on python3