Correct problem with UNKNOWN READ/SEGV for incorrect PPD file #5624

Closed

ppawliczek

The problem occurs when an input PPD file contains a specific combination of
*PageSize keywords with incorrect types. In this case the PPD parser may cause
a memory violation when one of the types is PPD_CUSTOM_PASSCODE,
PPD_CUSTOM_PASSWORD or PPD_CUSTOM_STRING.

@michaelrsweet
Collaborator

@ppawliczek Please attach the problematic PPD file.

@michaelrsweet michaelrsweet self-assigned this Jul 30, 2019
@michaelrsweet michaelrsweet added the investigating Investigating the issue label Jul 30, 2019
@ppawliczek
Author

clusterfuzz-testcase-minimized-cups_ppdopen_fuzzer-5709920246431744.zip

The stack from SEGV:
in cfree /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.27-r8/work/glibc-2.27/malloc/malloc.c:3098
in ppdClose (/usr/lib64/libcups.so.2+0xa0375)
in _ppdOpen (/usr/lib64/libcups.so.2+0xa7fc9)

@michaelrsweet
Collaborator

[master dc00a7c] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)
[master 8e048e4] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)

[branch-2.2 d11af54] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)
