Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
cups-filters.34564
cups-filters-1.25.0-0001-beh-backend-Use-execv-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cups-filters-1.25.0-0001-beh-backend-Use-execv-instead-of-system-CVE-2023-24805.patch of Package cups-filters.34564
--- backend/beh.c.orig 2019-06-06 15:17:11.000000000 +0200 +++ backend/beh.c 2023-05-15 16:06:14.493385265 +0200 @@ -22,6 +22,7 @@ #include "backend-private.h" #include <cups/array.h> #include <ctype.h> +#include <sys/wait.h> /* * Local globals... @@ -213,10 +214,14 @@ call_backend(char *uri, char **argv, /* I - Command-line arguments */ char *filename) { /* I - File name of input data */ const char *cups_serverbin; /* Location of programs */ + char *backend_argv[8]; // Arguments for called CUPS backend char scheme[1024], /* Scheme from URI */ *ptr, /* Pointer into scheme */ - cmdline[65536]; /* Backend command line */ - int retval; + backend_path[2048]; // Backend path + int pid, + wait_pid, + wait_status, + retval = 0; /* * Build the backend command line... @@ -235,16 +240,19 @@ call_backend(char *uri, fprintf(stderr, "ERROR: beh: Direct output into a file not supported.\n"); exit (CUPS_BACKEND_FAILED); - } else - snprintf(cmdline, sizeof(cmdline), - "%s/backend/%s '%s' '%s' '%s' '%s' '%s' %s", - cups_serverbin, scheme, argv[1], argv[2], argv[3], - /* Apply number of copies only if beh was called with a - file name and not with the print data in stdin, as - backends should handle copies only if they are called - with a file name */ - (argc == 6 ? "1" : argv[4]), - argv[5], filename); + } + + backend_argv[0] = uri; + backend_argv[1] = argv[1]; + backend_argv[2] = argv[2]; + backend_argv[3] = argv[3]; + backend_argv[4] = (argc == 6 ? "1" : argv[4]); + backend_argv[5] = argv[5]; + backend_argv[6] = filename; + backend_argv[7] = NULL; + + snprintf(backend_path, sizeof(backend_path), + "%s/backend/%s", cups_serverbin, scheme); /* * Overwrite the device URI and run the actual backend... @@ -253,17 +261,41 @@ call_backend(char *uri, setenv("DEVICE_URI", uri, 1); fprintf(stderr, - "DEBUG: beh: Executing backend command line \"%s\"...\n", - cmdline); + "DEBUG: beh: Executing backend command line \"%s '%s' '%s' '%s' '%s' '%s'%s%s\"...\n", + backend_path, backend_argv[1], backend_argv[2], backend_argv[3], + backend_argv[4], backend_argv[5], + (backend_argv[6] && backend_argv[6][0] ? " " : ""), + (backend_argv[6] && backend_argv[6][0] ? backend_argv[6] : "")); fprintf(stderr, "DEBUG: beh: Using device URI: %s\n", uri); - retval = system(cmdline) >> 8; + if ((pid = fork()) == 0) + { + retval = execv(backend_path, backend_argv); - if (retval == -1) - fprintf(stderr, "ERROR: Unable to execute backend command line: %s\n", - strerror(errno)); + if (retval == -1) + fprintf(stderr, "ERROR: Unable to execute backend: %s\n", + strerror(errno)); + exit (CUPS_BACKEND_FAILED); + } + else if (pid < 0) + { + fprintf(stderr, "ERROR: Unable to fork for backend\n"); + return (CUPS_BACKEND_FAILED); + } + + while ((wait_pid = wait(&wait_status)) < 0 && errno == EINTR); + + if (wait_pid >= 0 && wait_status) + { + if (WIFEXITED(wait_status)) + retval = WEXITSTATUS(wait_status); + else if (WTERMSIG(wait_status) != SIGTERM) + retval = WTERMSIG(wait_status); + else + retval = 0; + } return (retval); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor