File cups-2.2.7-CVE-2024-35235.patch of Package cups

Overview Repositories Revisions Requests Users Attributes Meta

File cups-2.2.7-CVE-2024-35235.patch of Package cups

--- cups/http-addr.c.orig	2018-03-23 04:48:36.000000000 +0100
+++ cups/http-addr.c	2024-05-28 08:56:50.780902345 +0200
@@ -198,31 +198,29 @@ httpAddrListen(http_addr_t *addr,	/* I -
   {
     mode_t	mask;			/* Umask setting */
 
-   /*
-    * Remove any existing domain socket file...
-    */
-
-    unlink(addr->un.sun_path);
-
-   /*
-    * Save the current umask and set it to 0 so that all users can access
-    * the domain socket...
-    */
-
-    mask = umask(0);
-
-   /*
-    * Bind the domain socket...
-    */
-
-    status = bind(fd, (struct sockaddr *)addr, (socklen_t)httpAddrLength(addr));
-
-   /*
-    * Restore the umask and fix permissions...
-    */
-
-    umask(mask);
-    chmod(addr->un.sun_path, 0140777);
+    // Remove any existing domain socket file...
+    if ((status = unlink(addr->un.sun_path)) < 0)
+    {
+      DEBUG_printf(("1httpAddrListen: Unable to unlink \"%s\": %s", addr->un.sun_path, strerror(errno)));
+      if (errno == ENOENT)
+	status = 0;
+    }
+
+    if (!status)
+    {
+      // Save the current umask and set it to 0 so that all users can access
+      // the domain socket...
+      mask = umask(0);
+
+      // Bind the domain socket...
+      if ((status = bind(fd, (struct sockaddr *)addr, (socklen_t)httpAddrLength(addr))) < 0)
+      {
+	DEBUG_printf(("1httpAddrListen: Unable to bind domain socket \"%s\": %s", addr->un.sun_path, strerror(errno)));
+      }
+
+      // Restore the umask...
+      umask(mask);
+    }
   }
   else
 #endif /* AF_LOCAL */
--- scheduler/conf.c.orig	2018-03-23 04:48:36.000000000 +0100
+++ scheduler/conf.c	2024-05-29 14:20:16.415485676 +0200
@@ -3073,6 +3073,15 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
 
       cupsd_listener_t	*lis;		/* New listeners array */
 
+     /*
+      * Check that the domain socket path is not too long...
+      */
+
+      if (*value == '/' && strlen(value) > (sizeof(addr->addr.un.sun_path) - 1))
+      {
+        cupsdLogMessage(CUPSD_LOG_INFO, "Ignoring %s address %s at line %d - too long.", line, value, linenum);
+        continue;
+      }
 
      /*
       * Get the address list...

Places

File cups-2.2.7-CVE-2024-35235.patch of Package cups

Places