From 7df31c8e0ee56992de4568287f9cd6d766b793cb Mon Sep 17 00:00:00 2001
From: Till Kamppeter <till.kamppeter@gmail.com>
Date: Tue, 24 Sep 2024 11:58:01 +0200
Subject: [PATCH] cfGetPrinterAttributes5(): Validate response attributes
 before return

The destination can be corrupted or forged, so validate the response
to strenghten security measures.
---
 cupsfilters/ipp.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cupsfilters/ipp.c b/cupsfilters/ipp.c
index 8d6a9b3d..db10cb3f 100644
--- a/cupsfilters/ipp.c
+++ b/cupsfilters/ipp.c
@@ -404,6 +404,14 @@ cfGetPrinterAttributes5(http_t *http_printer,
 	    ippDelete(response2);
 	  }
 	}
+
+	// Check if the response is valid
+	if (!ippValidateAttributes(response))
+	{
+	  ippDelete(response);
+	  response = NULL;
+	}
+
 	if (have_http == 0) httpClose(http_printer);
 	if (uri) free(uri);
 	return (response);
-- 
2.46.1