Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sanitize device URI in argv[0] and use environment for auth info #933

Closed
michaelrsweet opened this issue Oct 8, 2004 · 2 comments
Closed

Sanitize device URI in argv[0] and use environment for auth info #933

michaelrsweet opened this issue Oct 8, 2004 · 2 comments
Milestone

Comments

@michaelrsweet
Copy link
Collaborator

@michaelrsweet michaelrsweet commented Oct 8, 2004

Version: 1.1.22rc1
CUPS.org User: mike

Jim Lovell (Apple) suggests that we put the sanitized device URI in argv[0] and only pass the full URI in the DEVICE_URI environment variable.

Apparently, the environment of processes owned by other users is not visible/accessible (at least not for Linux, OSX, IRIX, and Solaris), so the auth info won't be exposed.

We'll need to change the IPP backend to use DEVICE_URI, change StartJob() to use the sani_uri for argv[0], and submit a patch for smbspool to the SAMBA project.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2004

CUPS.org User: mike

Fixed in CVS - the anonymous CVS repository will be updated at midnight EST.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2004

"str_920_933.patch":

Index: ipp.c

RCS file: /development/cvs/cups/scheduler/ipp.c,v
retrieving revision 1.233
retrieving revision 1.234
diff -u -r1.233 -r1.234
--- ipp.c 23 Aug 2004 18:36:50 -0000 1.233
+++ ipp.c 4 Oct 2004 20:23:54 -0000 1.234
@@ -1222,7 +1222,9 @@
}

 LogMessage(L_INFO, "Setting %s device-uri to \"%s\" (was \"%s\".)",
  •           printer->name, attr->values[0].string.text, printer->device_uri);
    
  •           printer->name,
    
  •      cupsdSanitizeURI(attr->values[0].string.text, line, sizeof(line)),
    
  •      cupsdSanitizeURI(printer->device_uri, resource, sizeof(resource)));
    

    SetString(&printer->device_uri, attr->values[0].string.text);
    }

    Index: job.c

    RCS file: /development/cvs/cups/scheduler/job.c,v
    retrieving revision 1.231
    retrieving revision 1.233
    diff -u -r1.231 -r1.233
    --- job.c 4 Oct 2004 19:40:35 -0000 1.231
    +++ job.c 8 Oct 2004 20:18:02 -0000 1.233
    @@ -1202,6 +1202,7 @@
    classification[1024], /* CLASSIFICATION environment variable /
    content_type[1024], /
    CONTENT_TYPE environment variable /
    device_uri[1024], /
    DEVICE_URI environment variable */

  •   sani_uri[1024],     /\* Sanitized DEVICE_URI env var _/
    ppd[1024],      /_ PPD environment variable _/
    class_name[255],    /_ CLASS environment variable _/
    printer_name[255],  /_ PRINTER environment variable */
    

    @@ -1695,6 +1696,7 @@
    current->filetypes[current->current_file]->super,
    current->filetypes[current->current_file]->type);
    snprintf(device_uri, sizeof(device_uri), "DEVICE_URI=%s", printer->device_uri);

  • cupsdSanitizeURI(printer->device_uri, sani_uri, sizeof(sani_uri));
    snprintf(ppd, sizeof(ppd), "PPD=%s/ppd/%s.ppd", ServerRoot, printer->name);
    snprintf(printer_name, sizeof(printer_name), "PRINTER=%s", printer->name);
    snprintf(cache, sizeof(cache), "RIP_MAX_CACHE=%s", RIPCache);
    @@ -1803,7 +1805,10 @@
    envp[envc] = NULL;

for (i = 0; i < envc; i ++)

  • LogMessage(L_DEBUG, "StartJob: envp[%d]="%s"", i, envp[i]);

  • if (strncmp(envp[i], "DEVICE_URI=", 11))

  •  LogMessage(L_DEBUG, "StartJob: envp[%d]=\"%s\"", i, envp[i]);
    
  • else

  •  LogMessage(L_DEBUG, "StartJob: envp[%d]=\"DEVICE_URI=%s\"", i, sani_uri);
    

    current->current_file ++;

@@ -2013,7 +2018,7 @@
LogMessage(L_DEBUG, "StartJob: %s\n", processPath);
#endif /* APPLE */

  • argv[0] = printer->device_uri;
  • argv[0] = sani_uri;

filterfds[slot][0] = -1;
filterfds[slot][1] = open("/dev/null", O_WRONLY);

Index: printers.c

RCS file: /development/cvs/cups/scheduler/printers.c,v
retrieving revision 1.164
retrieving revision 1.165
diff -u -r1.164 -r1.165
--- printers.c 4 Oct 2004 19:40:35 -0000 1.164
+++ printers.c 4 Oct 2004 20:23:54 -0000 1.165
@@ -43,6 +43,7 @@

  • ValidateDest() - Validate a printer/class destination.
  • WritePrintcap() - Write a pseudo-printcap file for older
  •                        applications that need it...
    
  • * cupsdSanitizeURI() - Sanitize a device URI...
    • write_irix_config() - Update the config files used by the IRIX
    •                        desktop tools.
      
    • write_irix_state() - Update the status files used by IRIX printing
      @@ -1150,11 +1151,7 @@
      SetPrinterAttrs(printer_t p) / I - Printer to setup /
      {
      char uri[HTTP_MAX_URI]; /
      URI for printer */
  • char method[HTTP_MAX_URI], /* Method portion of URI */
  •   username[HTTP_MAX_URI], /\* Username portion of URI */
    
  •   host[HTTP_MAX_URI], /\* Host portion of URI */
    
  •   resource[HTTP_MAX_URI]; /\* Resource portion of URI */
    
  • int port; /* Port portion of URI */
  • char resource[HTTP_MAX_URI]; /* Resource portion of URI /
    int i; /
    Looping var /
    char filename[1024]; /
    Name of PPD file /
    int num_media; /
    Number of media options */
    @@ -1360,12 +1357,7 @@
    * http://..., ipp://..., etc.
    */
  •    httpSeparate(p->device_uri, method, username, host, &port, resource);
    
  • if (port)
  • snprintf(uri, sizeof(uri), "%s://%s:%d%s", method, host, port,
    
  •          resource);
    
  • else
  • snprintf(uri, sizeof(uri), "%s://%s%s", method, host, resource);
    
  •    cupsdSanitizeURI(p->device_uri, uri, sizeof(uri));
    
    }
    else
    {
    @@ -2175,6 +2167,74 @@
    }

+/*

  • * 'cupsdSanitizeURI()' - Sanitize a device URI...
  • /
    +
    +char * /
    O - New device URI /
    +cupsdSanitizeURI(const char *uri, /
    I - Original device URI */
  •             char       _buffer,   /_ O - New device URI */
    
  •             int        buflen)    /\* I - Size of new device URI buffer */
    
    +{
  • char start, / Start of data after scheme */
  • slash, / First slash after scheme:// */
  • ptr; / Pointer into user@host:port part */
  • /*
  • * Range check input...
  • */
  • if (!uri || !buffer || buflen < 2)
  • return (NULL);
  • /*
  • * Copy the device URI to the new buffer...
  • */
  • strlcpy(buffer, uri, buflen);
  • /*
  • * Find the end of the scheme:// part...
  • */
  • if ((ptr = strchr(buffer, ':')) == NULL)
  • return (buffer); /* No scheme: part... */
  • for (start = ptr + 1; *start; start ++)
  • if (*start != '/')
  •  break;
    
  • /*
  • * Find the next slash (/) in the URI...
  • */
  • if ((slash = strchr(start, '/')) == NULL)
  • slash = start + strlen(start); /* No slash, point to the end */
  • /*
  • * Check for an @ sign before the slash...
  • */
  • if ((ptr = strchr(start, '@')) != NULL && ptr < slash)
  • {
  • /*
  • * Found an @ sign and it is before the resource part, so we have
  • * an authentication string. Copy the remaining URI over the
  • * authentication string...
  • */
  • cups_strcpy(start, ptr + 1);
  • }
  • /*
  • * Return the new device URI...
  • */
  • return (buffer);
    +}

#ifdef __sgi
/*

  • 'write_irix_config()' - Update the config files used by the IRIX
    Index: printers.h

    RCS file: /development/cvs/cups/scheduler/printers.h,v
    retrieving revision 1.39
    retrieving revision 1.40
    diff -u -r1.39 -r1.40
    --- printers.h 23 Aug 2004 18:00:59 -0000 1.39
    +++ printers.h 4 Oct 2004 20:23:54 -0000 1.40
    @@ -126,7 +126,10 @@
    cups_ptype_t *dtype);
    extern void WritePrintcap(void);

+extern char *cupsdSanitizeURI(const char *uri, char *buffer,

  •                         int buflen);
    

    /*

    • End of "$Id: printers.h,v 1.39 2004/08/23 18:00:59 mike Exp $".
      */
      */

@michaelrsweet michaelrsweet added this to the Stable milestone Mar 17, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant