Skip to content

Commit 49fa498

Browse files
committed
DBUS notifications could crash the scheduler (Issue #5143)
- scheduler/ipp.c: Make sure requesting-user-name string is valid UTF-8.
1 parent 34be0e8 commit 49fa498

File tree

2 files changed

+13
-4
lines changed

2 files changed

+13
-4
lines changed

Diff for: CHANGES.md

+3-2
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,13 @@
1-
CHANGES - 2.2.6 - 2017-10-19
1+
CHANGES - 2.2.6 - 2017-10-23
22
============================
33

44

55
Changes in CUPS v2.2.6
66
----------------------
77

8+
- DBUS notifications could crash the scheduler (Issue #5143)
89
- Added USB quirks rules for Canon MP540 and Samsung ML-2160 (Issue #5148)
9-
- Fixed TLS cipher suite selection with GNU TLS (Issue #5145)
10+
- Fixed TLS cipher suite selection with GNU TLS (Issue #5145, Issue #5150)
1011

1112

1213
Changes in CUPS v2.2.5

Diff for: scheduler/ipp.c

+10-2
Original file line numberDiff line numberDiff line change
@@ -1597,6 +1597,16 @@ add_job(cupsd_client_t *con, /* I - Client connection */
15971597
return (NULL);
15981598
}
15991599

1600+
attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);
1601+
1602+
if (attr && !ippValidateAttribute(attr))
1603+
{
1604+
send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());
1605+
if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)
1606+
attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
1607+
return (NULL);
1608+
}
1609+
16001610
if ((job = cupsdAddJob(priority, printer->name)) == NULL)
16011611
{
16021612
send_ipp_status(con, IPP_INTERNAL_ERROR,
@@ -1615,8 +1625,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */
16151625
add_job_uuid(job);
16161626
apply_printer_defaults(printer, job);
16171627

1618-
attr = ippFindAttribute(job->attrs, "requesting-user-name", IPP_TAG_NAME);
1619-
16201628
if (con->username[0])
16211629
{
16221630
cupsdSetString(&job->username, con->username);

0 commit comments

Comments
 (0)