diff options
Diffstat (limited to 'net-print/cups/files/cups-1.3.11-str3367-security-1.3v2.patch')
| -rw-r--r-- | net-print/cups/files/cups-1.3.11-str3367-security-1.3v2.patch | 435 |
1 files changed, 0 insertions, 435 deletions
diff --git a/net-print/cups/files/cups-1.3.11-str3367-security-1.3v2.patch b/net-print/cups/files/cups-1.3.11-str3367-security-1.3v2.patch deleted file mode 100644 index 8fe6b17..0000000 --- a/net-print/cups/files/cups-1.3.11-str3367-security-1.3v2.patch +++ /dev/null @@ -1,435 +0,0 @@ -Index: cgi-bin/printers.c -=================================================================== ---- cgi-bin/printers.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/printers.c (.../branches/leopard/cups) (revision 1707) -@@ -72,6 +72,7 @@ - */ - - cgiSetVariable("SECTION", "printers"); -+ cgiSetVariable("REFRESH_PAGE", ""); - - /* - * See if we are displaying a printer or all printers... -Index: cgi-bin/cgi.h -=================================================================== ---- cgi-bin/cgi.h (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/cgi.h (.../branches/leopard/cups) (revision 1707) -@@ -54,6 +54,7 @@ - extern void cgiAbort(const char *title, const char *stylesheet, - const char *format, ...); - extern int cgiCheckVariables(const char *names); -+extern void cgiClearVariables(void); - extern void *cgiCompileSearch(const char *query); - extern void cgiCopyTemplateFile(FILE *out, const char *tmpl); - extern void cgiCopyTemplateLang(const char *tmpl); -Index: cgi-bin/template.c -=================================================================== ---- cgi-bin/template.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/template.c (.../branches/leopard/cups) (revision 1707) -@@ -639,6 +639,8 @@ - fputs(">", out); - else if (*s == '\"') - fputs(""", out); -+ else if (*s == '\'') -+ fputs("'", out); - else if (*s == '&') - fputs("&", out); - else -@@ -659,7 +661,7 @@ - { - while (*s) - { -- if (strchr("%&+ <>#=", *s) || *s & 128) -+ if (strchr("%@&+ <>#=", *s) || *s < ' ' || *s & 128) - fprintf(out, "%%%02X", *s & 255); - else - putc(*s, out); -Index: cgi-bin/ipp-var.c -=================================================================== ---- cgi-bin/ipp-var.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/ipp-var.c (.../branches/leopard/cups) (revision 1707) -@@ -1220,7 +1220,9 @@ - int ascending, /* Order of jobs (0 = descending) */ - first, /* First job to show */ - count; /* Number of jobs */ -- const char *var; /* Form variable */ -+ const char *var, /* Form variable */ -+ *query, /* Query string */ -+ *section; /* Section in web interface */ - void *search; /* Search data */ - char url[1024], /* URL for prev/next/this */ - *urlptr, /* Position in URL */ -@@ -1265,10 +1267,13 @@ - * Get a list of matching job objects. - */ - -- if ((var = cgiGetVariable("QUERY")) != NULL) -- search = cgiCompileSearch(var); -+ if ((query = cgiGetVariable("QUERY")) != NULL) -+ search = cgiCompileSearch(query); - else -+ { -+ query = NULL; - search = NULL; -+ } - - jobs = cgiGetIPPObjects(response, search); - count = cupsArrayCount(jobs); -@@ -1293,17 +1298,28 @@ - if (first < 0) - first = 0; - -- sprintf(url, "%d", count); -- cgiSetVariable("TOTAL", url); -- - if ((var = cgiGetVariable("ORDER")) != NULL) - ascending = !strcasecmp(var, "asc"); - else -- { - ascending = !which_jobs || !strcasecmp(which_jobs, "not-completed"); -- cgiSetVariable("ORDER", ascending ? "asc" : "dec"); -- } - -+ section = cgiGetVariable("SECTION"); -+ -+ cgiClearVariables(); -+ -+ if (query) -+ cgiSetVariable("QUERY", query); -+ -+ cgiSetVariable("ORDER", ascending ? "asc" : "dec"); -+ -+ cgiSetVariable("SECTION", section); -+ -+ sprintf(url, "%d", count); -+ cgiSetVariable("TOTAL", url); -+ -+ if (which_jobs) -+ cgiSetVariable("WHICH_JOBS", which_jobs); -+ - if (ascending) - { - for (i = 0, job = (ipp_attribute_t *)cupsArrayIndex(jobs, first); -@@ -1325,11 +1341,10 @@ - - urlend = url + sizeof(url); - -- if ((var = cgiGetVariable("QUERY")) != NULL) -+ if (query != NULL) - { - if (dest) -- snprintf(url, sizeof(url), "/%s/%s?QUERY=", cgiGetVariable("SECTION"), -- dest); -+ snprintf(url, sizeof(url), "/%s/%s?QUERY=", section, dest); - else - strlcpy(url, "/jobs/?QUERY=", sizeof(url)); - -@@ -1344,7 +1359,7 @@ - else - { - if (dest) -- snprintf(url, sizeof(url), "/%s/%s?", cgiGetVariable("SECTION"), dest); -+ snprintf(url, sizeof(url), "/%s/%s?", section, dest); - else - strlcpy(url, "/jobs/?", sizeof(url)); - -Index: cgi-bin/admin.c -=================================================================== ---- cgi-bin/admin.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/admin.c (.../branches/leopard/cups) (revision 1707) -@@ -104,6 +104,7 @@ - */ - - cgiSetVariable("SECTION", "admin"); -+ cgiSetVariable("REFRESH_PAGE", ""); - - /* - * See if we have form data... -@@ -134,16 +135,61 @@ - - - if (getenv("HTTPS")) -- snprintf(prefix, sizeof(prefix), "https://%s:%s", -- getenv("SERVER_NAME"), getenv("SERVER_PORT")); -+ snprintf(prefix, sizeof(prefix), "https://%s:%s", -+ getenv("SERVER_NAME"), getenv("SERVER_PORT")); - else -- snprintf(prefix, sizeof(prefix), "http://%s:%s", -- getenv("SERVER_NAME"), getenv("SERVER_PORT")); -+ snprintf(prefix, sizeof(prefix), "http://%s:%s", -+ getenv("SERVER_NAME"), getenv("SERVER_PORT")); - -+ fprintf(stderr, "DEBUG: redirecting with prefix %s!\n", prefix); -+ - if ((url = cgiGetVariable("URL")) != NULL) -- printf("Location: %s%s\n\n", prefix, url); -+ { -+ char encoded[1024], /* Encoded URL string */ -+ *ptr; /* Pointer into encoded string */ -+ -+ -+ ptr = encoded; -+ if (*url != '/') -+ *ptr++ = '/'; -+ -+ for (; *url && ptr < (encoded + sizeof(encoded) - 4); url ++) -+ { -+ if (strchr("%@&+ <>#=", *url) || *url < ' ' || *url & 128) -+ { -+ /* -+ * Percent-encode this character; safe because we have at least 4 -+ * bytes left in the array... -+ */ -+ -+ sprintf(ptr, "%%%02X", *url & 255); -+ ptr += 3; -+ } -+ else -+ *ptr++ = *url; -+ } -+ -+ *ptr = '\0'; -+ -+ if (*url) -+ { -+ /* -+ * URL was too long, just redirect to the admin page... -+ */ -+ -+ printf("Location: %s/admin\n\n", prefix); -+ } -+ else -+ { -+ /* -+ * URL is OK, redirect there... -+ */ -+ -+ printf("Location: %s%s\n\n", prefix, encoded); -+ } -+ } - else -- printf("Location: %s/admin\n\n", prefix); -+ printf("Location: %s/admin\n\n", prefix); - } - else if (!strcmp(op, "start-printer")) - do_printer_op(http, IPP_RESUME_PRINTER, cgiText(_("Start Printer"))); -@@ -293,6 +339,31 @@ - * and classes and (re)show the add page... - */ - -+ if (cgiGetVariable("EVENT_JOB_CREATED")) -+ cgiSetVariable("EVENT_JOB_CREATED", "CHECKED"); -+ if (cgiGetVariable("EVENT_JOB_COMPLETED")) -+ cgiSetVariable("EVENT_JOB_COMPLETED", "CHECKED"); -+ if (cgiGetVariable("EVENT_JOB_STOPPED")) -+ cgiSetVariable("EVENT_JOB_STOPPED", "CHECKED"); -+ if (cgiGetVariable("EVENT_JOB_CONFIG_CHANGED")) -+ cgiSetVariable("EVENT_JOB_CONFIG_CHANGED", "CHECKED"); -+ if (cgiGetVariable("EVENT_PRINTER_STOPPED")) -+ cgiSetVariable("EVENT_PRINTER_STOPPED", "CHECKED"); -+ if (cgiGetVariable("EVENT_PRINTER_ADDED")) -+ cgiSetVariable("EVENT_PRINTER_ADDED", "CHECKED"); -+ if (cgiGetVariable("EVENT_PRINTER_MODIFIED")) -+ cgiSetVariable("EVENT_PRINTER_MODIFIED", "CHECKED"); -+ if (cgiGetVariable("EVENT_PRINTER_DELETED")) -+ cgiSetVariable("EVENT_PRINTER_DELETED", "CHECKED"); -+ if (cgiGetVariable("EVENT_SERVER_STARTED")) -+ cgiSetVariable("EVENT_SERVER_STARTED", "CHECKED"); -+ if (cgiGetVariable("EVENT_SERVER_STOPPED")) -+ cgiSetVariable("EVENT_SERVER_STOPPED", "CHECKED"); -+ if (cgiGetVariable("EVENT_SERVER_RESTARTED")) -+ cgiSetVariable("EVENT_SERVER_RESTARTED", "CHECKED"); -+ if (cgiGetVariable("EVENT_SERVER_AUDIT")) -+ cgiSetVariable("EVENT_SERVER_AUDIT", "CHECKED"); -+ - request = ippNewRequest(CUPS_GET_PRINTERS); - response = cupsDoRequest(http, request, "/"); - -@@ -450,6 +521,10 @@ - * Do the request and get back a response... - */ - -+ cgiClearVariables(); -+ if (name) -+ cgiSetVariable("PRINTER_NAME", name); -+ - if ((response = cupsDoRequest(http, request, "/")) != NULL) - { - /* -@@ -2336,7 +2411,9 @@ - if ((val = cupsGetOption("DefaultAuthType", num_settings, - settings)) != NULL && !strcasecmp(val, "Negotiate")) - cgiSetVariable("KERBEROS", "CHECKED"); -+ else - #endif /* HAVE_GSSAPI */ -+ cgiSetVariable("KERBEROS", ""); - - cupsFreeOptions(num_settings, settings); - -Index: cgi-bin/help.c -=================================================================== ---- cgi-bin/help.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/help.c (.../branches/leopard/cups) (revision 1707) -@@ -63,6 +63,7 @@ - */ - - cgiSetVariable("SECTION", "help"); -+ cgiSetVariable("REFRESH_PAGE", ""); - - /* - * Load the help index... -@@ -102,7 +103,7 @@ - */ - - for (i = 0; i < argc; i ++) -- fprintf(stderr, "argv[%d]=\"%s\"\n", i, argv[i]); -+ fprintf(stderr, "DEBUG: argv[%d]=\"%s\"\n", i, argv[i]); - - if ((helpfile = getenv("PATH_INFO")) != NULL) - { -@@ -179,6 +180,12 @@ - topic = cgiGetVariable("TOPIC"); - si = helpSearchIndex(hi, query, topic, helpfile); - -+ cgiClearVariables(); -+ if (query) -+ cgiSetVariable("QUERY", query); -+ if (topic) -+ cgiSetVariable("TOPIC", topic); -+ - fprintf(stderr, "DEBUG: query=\"%s\", topic=\"%s\"\n", - query ? query : "(null)", topic ? topic : "(null)"); - -Index: cgi-bin/var.c -=================================================================== ---- cgi-bin/var.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/var.c (.../branches/leopard/cups) (revision 1707) -@@ -15,6 +15,7 @@ - * Contents: - * - * cgiCheckVariables() - Check for the presence of "required" variables. -+ * cgiClearVariables() - Clear all form variables. - * cgiGetArray() - Get an element from a form array... - * cgiGetFile() - Get the file (if any) that was submitted in the form. - * cgiGetSize() - Get the size of a form array value. -@@ -135,6 +136,31 @@ - - - /* -+ * 'cgiClearVariables()' - Clear all form variables. -+ */ -+ -+void -+cgiClearVariables(void) -+{ -+ int i, j; /* Looping vars */ -+ _cgi_var_t *v; /* Current variable */ -+ -+ -+ for (v = form_vars, i = form_count; i > 0; v ++, i --) -+ { -+ _cupsStrFree(v->name); -+ for (j = 0; j < v->nvalues; j ++) -+ if (v->values[j]) -+ _cupsStrFree(v->values[j]); -+ } -+ -+ form_count = 0; -+ -+ cgi_unlink_file(); -+} -+ -+ -+/* - * 'cgiGetArray()' - Get an element from a form array... - */ - -@@ -154,7 +180,7 @@ - if (element < 0 || element >= var->nvalues) - return (NULL); - -- return (var->values[element]); -+ return (_cupsStrAlloc(var->values[element])); - } - - -@@ -209,7 +235,7 @@ - var->values[var->nvalues - 1]); - #endif /* DEBUG */ - -- return ((var == NULL) ? NULL : var->values[var->nvalues - 1]); -+ return ((var == NULL) ? NULL : _cupsStrAlloc(var->values[var->nvalues - 1])); - } - - -@@ -341,9 +367,9 @@ - var->nvalues = element + 1; - } - else if (var->values[element]) -- free((char *)var->values[element]); -+ _cupsStrFree((char *)var->values[element]); - -- var->values[element] = strdup(value); -+ var->values[element] = _cupsStrAlloc(value); - } - } - -@@ -388,7 +414,7 @@ - { - for (i = size; i < var->nvalues; i ++) - if (var->values[i]) -- free((void *)(var->values[i])); -+ _cupsStrFree((void *)(var->values[i])); - } - - var->nvalues = size; -@@ -421,9 +447,9 @@ - { - for (i = 0; i < var->nvalues; i ++) - if (var->values[i]) -- free((char *)var->values[i]); -+ _cupsStrFree((char *)var->values[i]); - -- var->values[0] = strdup(value); -+ var->values[0] = _cupsStrAlloc(value); - var->nvalues = 1; - } - } -@@ -470,10 +496,10 @@ - if ((var->values = calloc(element + 1, sizeof(char *))) == NULL) - return; - -- var->name = strdup(name); -+ var->name = _cupsStrAlloc(name); - var->nvalues = element + 1; - var->avalues = element + 1; -- var->values[element] = strdup(value); -+ var->values[element] = _cupsStrAlloc(value); - - form_count ++; - } -Index: cgi-bin/jobs.c -=================================================================== ---- cgi-bin/jobs.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/jobs.c (.../branches/leopard/cups) (revision 1707) -@@ -57,6 +57,7 @@ - */ - - cgiSetVariable("SECTION", "jobs"); -+ cgiSetVariable("REFRESH_PAGE", ""); - - /* - * Connect to the HTTP server... -Index: cgi-bin/classes.c -=================================================================== ---- cgi-bin/classes.c (.../easysw/current-1.3.x) (revision 1707) -+++ cgi-bin/classes.c (.../branches/leopard/cups) (revision 1707) -@@ -69,6 +69,7 @@ - */ - - cgiSetVariable("SECTION", "classes"); -+ cgiSetVariable("REFRESH_PAGE", ""); - - /* - * See if we are displaying a printer or all classes... - |