diff --git a/cups-browsed.8.patch b/cups-browsed.8.patch new file mode 100644 index 0000000..583c758 --- /dev/null +++ b/cups-browsed.8.patch @@ -0,0 +1,14 @@ +diff -up cups-filters-1.20.0/utils/cups-browsed.8.manpage cups-filters-1.20.0/utils/cups-browsed.8 +--- cups-filters-1.20.0/utils/cups-browsed.8.manpage 2018-11-12 14:14:48.436062013 +0100 ++++ cups-filters-1.20.0/utils/cups-browsed.8 2018-11-12 14:19:10.188091043 +0100 +@@ -100,8 +100,8 @@ and command line tools. + + \fBcups-browsed.conf\fP(5) + .PP +-/usr/share/doc/\fBcups-browsed\fP/README.gz ++/usr/share/doc/cups-filters/README.gz + .SH AUTHOR +-The authors of \fBcups-browsed\fP are listed in /usr/share/doc/\fBcups-browsed\fP/AUTHORS. ++The authors of \fBcups-browsed\fP are listed in /usr/share/doc/cups-filters/AUTHORS. + .PP + This manual page was written for the Debian Project, but it may be used by others. diff --git a/cups-filters-brftopagedbrf-install.patch b/cups-filters-brftopagedbrf-install.patch new file mode 100644 index 0000000..ba6aceb --- /dev/null +++ b/cups-filters-brftopagedbrf-install.patch @@ -0,0 +1,172 @@ +diff -up cups-filters-1.20.0/configure.ac.brftopagedbrf-install cups-filters-1.20.0/configure.ac +--- cups-filters-1.20.0/configure.ac.brftopagedbrf-install 2018-01-29 19:14:59.000000000 +0100 ++++ cups-filters-1.20.0/configure.ac 2018-04-27 11:19:33.987213243 +0200 +@@ -856,6 +856,7 @@ AC_CONFIG_FILES([ + filter/braille/filters/cups-braille.sh + filter/braille/filters/imagetobrf + filter/braille/filters/texttobrf ++ filter/braille/filters/brftopagedbrf + filter/braille/filters/vectortopdf + filter/braille/filters/vectortobrf + filter/braille/filters/musicxmltobrf +diff -up cups-filters-1.20.0/filter/braille/filters/brftopagedbrf.in.brftopagedbrf-install cups-filters-1.20.0/filter/braille/filters/brftopagedbrf.in +--- cups-filters-1.20.0/filter/braille/filters/brftopagedbrf.in.brftopagedbrf-install 2018-04-27 11:19:41.038152279 +0200 ++++ cups-filters-1.20.0/filter/braille/filters/brftopagedbrf.in 2018-04-27 11:21:47.344068714 +0200 +@@ -0,0 +1,146 @@ ++#!/bin/bash ++ ++# ++# Copyright (c) 2015-2017 Samuel Thibault ++# ++# Permission is hereby granted, free of charge, to any person obtaining a copy ++# of this software and associated documentation files (the "Software"), to deal ++# in the Software without restriction, including without limitation the rights ++# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++# copies of the Software, and to permit persons to whom the Software is ++# furnished to do so, subject to the following conditions: ++# ++# ++# The above copyright notice and this permission notice shall be included in ++# all copies or substantial portions of the Software. ++# ++# ++# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN ++# THE SOFTWARE. ++# ++ ++# Make sure we have enough options ++if [ $# != 5 -a $# != 6 ]; then ++ echo "ERROR: $0 jobid user name nb options [filename]" >&2 ++ exit 1 ++fi ++ ++NB=$4 ++OPTIONS=$5 ++FILE=$6 ++ ++. @CUPS_DATADIR@/braille/cups-braille.sh ++ ++shopt -s extglob ++ ++# Construct list of pages from PAGERANGES ++ ++PAGES=" " # Explicit list of pages ++AFTER= # All pages including and after this ++BEFORE= # All pages before and including this ++ ++[ -n "$PAGERANGES" ] || PAGERANGES="1-" ++ ++while [ -n "${PAGERANGES}" ] ++do ++ PAGERANGE=${PAGERANGES/,*} ++ PAGERANGE=${PAGERANGE%%*( )} ++ PAGERANGE=${PAGERANGE##*( )} ++ if [ -n "${PAGERANGES/*,*}" ] ++ then ++ # last range ++ PAGERANGES="" ++ else ++ # Remove leading range ++ PAGERANGES="${PAGERANGES#*,}" ++ fi ++ ++ if [ -n "${PAGERANGE/*-*}" ] ++ then ++ # single-page ++ PAGES="$PAGES$PAGERANGE " ++ ++ elif [ -z "${PAGERANGE%%*-}" ] ++ then ++ # To the end ++ FIRST=${PAGERANGE%%-*} ++ if [ -z "$AFTER" ] || [ "$FIRST" -lt "$AFTER" ] ++ then ++ AFTER="$FIRST" ++ fi ++ ++ elif [ -z "${PAGERANGE##-*}" ] ++ then ++ # From the beginning ++ LAST=${PAGERANGE##*-} ++ if [ -z "$BEFORE" ] || [ "$LAST" -gt "$BEFORE" ] ++ then ++ BEFORE="$LAST" ++ fi ++ ++ else ++ # page range ++ FIRST=${PAGERANGE/-*} ++ LAST=${PAGERANGE/*-} ++ PAGES="$PAGES$(seq "$FIRST" "$LAST" | tr $'\012' ' ')" ++ ++ fi ++done ++ ++# Determine whether to print this page ++doprint() { ++ PAGE="$1" ++ if [ -n "$BEFORE" ] && [ "$PAGE" -le "$BEFORE" ] ++ then ++ echo 1 ++ return ++ elif [ -n "$AFTER" ] && [ "$PAGE" -ge "$AFTER" ] ++ then ++ echo 1 ++ return ++ fi ++ case "$PAGES" in ++ *\ $PAGE\ *) ++ echo 1 ++ return ++ ;; ++ esac ++ echo 0 ++} ++ ++if [ -z "$FILE" ] ++then ++ cat ++else ++ cat "$FILE" ++fi | ( ++ P=1 ++ DOPRINT=$(doprint $P) ++ while IFS=$'\n' read -r LINE ++ do ++ while [ -z "${LINE/*$'\014'*}" ] ++ do ++ # Possibly print before FF ++ HEAD=${LINE%%$'\014'*} ++ [ $DOPRINT == 0 ] || printf %s "$HEAD"$'\014' ++ ++ # Next page ++ P=$(($P + 1)) ++ DOPRINT=$(doprint $P) ++ ++ # Drop head of line ++ LINE=${LINE#*$'\014'} ++ done ++ ++ # Remainder of line ++ [ $DOPRINT == 0 ] || printf "%s\n" "$LINE" ++ done ++) ++ ++echo "INFO: Ready" >&2 ++exit 0 +diff -up cups-filters-1.20.0/Makefile.am.brftopagedbrf-install cups-filters-1.20.0/Makefile.am +--- cups-filters-1.20.0/Makefile.am.brftopagedbrf-install 2017-12-15 02:15:32.000000000 +0100 ++++ cups-filters-1.20.0/Makefile.am 2018-04-27 11:19:33.987213243 +0200 +@@ -591,6 +591,7 @@ nodist_pkgfilter_SCRIPTS = \ + filter/braille/filters/vectortopdf \ + filter/braille/filters/vectortobrf \ + filter/braille/filters/texttobrf \ ++ filter/braille/filters/brftopagedbrf \ + filter/braille/filters/musicxmltobrf + endif + diff --git a/cups-filters-covscan.patch b/cups-filters-covscan.patch new file mode 100644 index 0000000..9a225c3 --- /dev/null +++ b/cups-filters-covscan.patch @@ -0,0 +1,678 @@ +diff --git a/backend/beh.c b/backend/beh.c +index 9ba6613..7514e33 100644 +--- a/backend/beh.c ++++ b/backend/beh.c +@@ -223,6 +223,8 @@ call_backend(char *uri, /* I - URI of final destination */ + */ + + strncpy(scheme, uri, sizeof(scheme)); ++ if (strlen(uri) > 1023) ++ scheme[1023] = '\0'; + if ((ptr = strchr(scheme, ':')) != NULL) + *ptr = '\0'; + +diff --git a/backend/implicitclass.c b/backend/implicitclass.c +index 3ce4d10..1593191 100644 +--- a/backend/implicitclass.c ++++ b/backend/implicitclass.c +@@ -104,6 +104,8 @@ main(int argc, /* I - Number of command-line args */ + } + ptr1 ++; + strncpy(queue_name, ptr1, sizeof(queue_name)); ++ if (strlen(ptr1) > 1023) ++ queue_name[1023] = '\0'; + httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL, + "localhost", ippPort(), "/printers/%s", queue_name); + job_id = argv[1]; +@@ -162,6 +164,8 @@ main(int argc, /* I - Number of command-line args */ + /* Read destination host name (or message) and check whether it is + complete (second double quote) */ + strncpy(dest_host, ptr1, sizeof(dest_host)); ++ if (strlen(ptr1) > 1023) ++ dest_host[1023] = '\0'; + ptr1 = dest_host; + if ((ptr2 = strchr(ptr1, '"')) != NULL) { + *ptr2 = '\0'; +diff --git a/cupsfilters/colormanager.c b/cupsfilters/colormanager.c +index 70074a3..a4a929d 100644 +--- a/cupsfilters/colormanager.c ++++ b/cupsfilters/colormanager.c +@@ -272,6 +272,9 @@ _get_colord_profile(const char *printer_name, /* Dest name */ + free(qualifier); + } + ++ if (icc_profile != NULL) ++ free(icc_profile); ++ + return is_profile_set; + + } +@@ -325,8 +328,11 @@ _get_ppd_icc_fallback (ppd_file_t *ppd, char **qualifier) + if (attr->value[0] != '/') + snprintf(full_path, sizeof(full_path), + "%s/profiles/%s", CUPSDATA, attr->value); +- else ++ else { + strncpy(full_path, attr->value, sizeof(full_path)); ++ if (strlen(attr->value) > 1023) ++ full_path[1023] = '\0'; ++ } + + /* check the file exists */ + if (access(full_path, 0)) { +diff --git a/cupsfilters/image-sgilib.c b/cupsfilters/image-sgilib.c +index 0b70c13..bf2dd80 100644 +--- a/cupsfilters/image-sgilib.c ++++ b/cupsfilters/image-sgilib.c +@@ -282,7 +282,7 @@ sgiOpenFile(FILE *file, /* I - File to open */ + sgip->mode = SGI_WRITE; + + putshort(SGI_MAGIC, sgip->file); +- putc((sgip->comp = comp) != 0, sgip->file); ++ putc(((sgip->comp = comp) != 0) ? '1': '0', sgip->file); + putc(sgip->bpp = bpp, sgip->file); + putshort(3, sgip->file); /* Dimensions */ + putshort(sgip->xsize = xsize, sgip->file); +diff --git a/cupsfilters/image-sun.c b/cupsfilters/image-sun.c +index 609b194..989d039 100644 +--- a/cupsfilters/image-sun.c ++++ b/cupsfilters/image-sun.c +@@ -114,6 +114,7 @@ _cupsImageReadSunRaster( + ras_depth == 0 || ras_depth > 32) + { + fputs("DEBUG: Raster image cannot be loaded!\n", stderr); ++ fclose(fp); + return (1); + } + +diff --git a/cupsfilters/ppdgenerator.c b/cupsfilters/ppdgenerator.c +index 052e3c5..3bc4d8a 100644 +--- a/cupsfilters/ppdgenerator.c ++++ b/cupsfilters/ppdgenerator.c +@@ -937,6 +937,10 @@ load_opt_strings_catalog(const char *location, cups_array_t *options) + } + } + cupsFileClose(fp); ++ if (choice_name != NULL) ++ free(choice_name); ++ if (opt_name != NULL) ++ free(opt_name); + if (filename == tmpfile) + unlink(filename); + } +diff --git a/cupsfilters/raster.c b/cupsfilters/raster.c +index 8203690..67d6b9b 100644 +--- a/cupsfilters/raster.c ++++ b/cupsfilters/raster.c +@@ -151,11 +151,14 @@ cupsRasterParseIPPOptions(cups_page_header2_t *h, /* I - Raster header */ + strcasestr(s, "right") || + strcasestr(s, "side") || + strcasestr(s, "main")) +- media_source = strdup(s); ++ { ++ if (media_source == NULL) ++ media_source = strdup(s); ++ } + else + media_type = strdup(s); + } +- if (size_found) ++ if (page_size == NULL && size_found) + page_size = strdup(size_found->pwg); + } + } +@@ -1079,6 +1082,13 @@ cupsRasterParseIPPOptions(cups_page_header2_t *h, /* I - Raster header */ + h->cupsRenderingIntent[0] = '\0'; + #endif /* HAVE_CUPS_1_7 */ + ++ if (media_source != NULL) ++ free(media_source); ++ if (media_type != NULL) ++ free(media_type); ++ if (page_size != NULL) ++ free(page_size); ++ + return (0); + } + +diff --git a/filter/bannertopdf.c b/filter/bannertopdf.c +index b78ea37..2b9bd76 100644 +--- a/filter/bannertopdf.c ++++ b/filter/bannertopdf.c +@@ -513,6 +513,15 @@ static int generate_banner_pdf(banner_t *banner, + pdf_duplicate_page(doc, 1, copies); + + pdf_write(doc, stdout); ++ ++ opt_t * opt_current = known_opts; ++ opt_t * opt_next = NULL; ++ while (opt_current != NULL) ++ { ++ opt_next = opt_current->next; ++ free(opt_current); ++ opt_current = opt_next; ++ } + free(buf); + pdf_free(doc); + return 0; +diff --git a/filter/foomatic-rip/foomaticrip.c b/filter/foomatic-rip/foomaticrip.c +index 2a642ed..13d2035 100644 +--- a/filter/foomatic-rip/foomaticrip.c ++++ b/filter/foomatic-rip/foomaticrip.c +@@ -666,6 +666,11 @@ int print_file(const char *filename, int convert) + ret = print_file("", 0); + + wait_for_process(renderer_pid); ++ if (in != NULL) ++ fclose(in); ++ if (out != NULL) ++ fclose(out); ++ + return ret; + } + +@@ -683,6 +688,8 @@ int print_file(const char *filename, int convert) + + case UNKNOWN_FILE: + _log("Cannot process \"%s\": Unknown filetype.\n", filename); ++ if (file != NULL) ++ fclose(file); + return 0; + } + +@@ -811,10 +818,14 @@ int main(int argc, char** argv) + + if (getenv("PPD")) { + strncpy(job->ppdfile, getenv("PPD"), 2048); ++ if (strlen(getenv("PPD")) > 2047) ++ job->ppdfile[2047] = '\0'; + spooler = SPOOLER_CUPS; +- if (getenv("CUPS_SERVERBIN")) +- strncpy(cupsfilterpath, getenv("CUPS_SERVERBIN"), +- sizeof(cupsfilterpath)); ++ if (getenv("CUPS_SERVERBIN")) { ++ strncpy(cupsfilterpath, getenv("CUPS_SERVERBIN"), sizeof(cupsfilterpath)); ++ if (strlen(getenv("CUPS_SERVERBIN")) > PATH_MAX-1) ++ cupsfilterpath[PATH_MAX-1] = '\0'; ++ } + } + + /* Check status of printer color management from the color manager */ +@@ -834,10 +845,14 @@ int main(int argc, char** argv) + allow duplicates, and use the last specified one */ + while ((str = arglist_get_value(arglist, "-p"))) { + strncpy(job->ppdfile, str, 2048); ++ if (strlen(str) > 2047) ++ job->ppdfile[2047] = '\0'; + arglist_remove(arglist, "-p"); + } + while ((str = arglist_get_value(arglist, "--ppd"))) { + strncpy(job->ppdfile, str, 2048); ++ if (strlen(str) > 2047) ++ job->ppdfile[2047] = '\0'; + arglist_remove(arglist, "--ppd"); + } + +@@ -1020,6 +1035,7 @@ int main(int argc, char** argv) + cmd[0] = '\0'; + + snprintf(gstoraster, sizeof(gstoraster), "gs -dQUIET -dDEBUG -dPARANOIDSAFER -dNOPAUSE -dBATCH -dNOINTERPOLATE -dNOMEDIAATTRS -sDEVICE=cups -dShowAcroForm %s -sOutputFile=- -", cmd); ++ free(icc_profile); + } + + /* build Ghostscript/CUPS driver command line */ +diff --git a/filter/foomatic-rip/options.c b/filter/foomatic-rip/options.c +index 325a0a6..798ddf9 100644 +--- a/filter/foomatic-rip/options.c ++++ b/filter/foomatic-rip/options.c +@@ -1031,12 +1031,10 @@ int option_set_value(option_t *opt, int optionset, const char *value) + /* TODO only set the changed option, not all of them */ + choice = option_find_choice(fromopt, + option_get_value(fromopt, optionset)); +- + composite_set_values(fromopt, optionset, choice->command); +- } +- else { ++ free(newvalue); ++ } else + val->value = newvalue; +- } + + if (option_is_composite(opt)) { + /* set dependent values */ +@@ -1914,6 +1912,8 @@ int ppd_supports_pdf() + if (startswith(cmd, "gs")) + { + strncpy(cmd_pdf, cmd, 4096); ++ if (strlen(cmd) > 4095) ++ cmd_pdf[4095] = '\0'; + return 1; + } + +diff --git a/filter/foomatic-rip/spooler.c b/filter/foomatic-rip/spooler.c +index 236551f..4f27563 100644 +--- a/filter/foomatic-rip/spooler.c ++++ b/filter/foomatic-rip/spooler.c +@@ -94,6 +94,8 @@ void init_cups(list_t *arglist, dstr_t *filelist, jobparams_t *job) + CUPS puts the print queue name into the PRINTER environment variable + when calling filters. */ + strncpy(job->printer, getenv("PRINTER"), 256); ++ if (strlen(getenv("PRINTER")) > 255) ++ job->printer[255] = '\0'; + + free(cups_options); + } +diff --git a/filter/pdftops.c b/filter/pdftops.c +index 55d2ec1..a648444 100644 +--- a/filter/pdftops.c ++++ b/filter/pdftops.c +@@ -427,6 +427,8 @@ main(int argc, /* I - Number of command-line args */ + if ((val = cupsGetOption("make-and-model", num_options, options)) != NULL) + { + strncpy(make_model, val, sizeof(make_model)); ++ if (strlen(val) > 127) ++ make_model[127] = '\0'; + for (ptr = make_model; *ptr; ptr ++) + if (*ptr == '-') *ptr = ' '; + } +diff --git a/filter/pdftoraster.cxx b/filter/pdftoraster.cxx +index 4cd656a..0c63ab8 100644 +--- a/filter/pdftoraster.cxx ++++ b/filter/pdftoraster.cxx +@@ -558,8 +558,10 @@ static void parseOpts(int argc, char **argv) + if (!cm_disabled) + cmGetPrinterIccProfile(getenv("PRINTER"), &profile, ppd); + +- if (profile != NULL) +- colorProfile = cmsOpenProfileFromFile(profile,"r"); ++ if (profile != NULL) { ++ colorProfile = cmsOpenProfileFromFile(profile,"r"); ++ free(profile); ++ } + + #ifdef HAVE_CUPS_1_7 + if ((attr = ppdFindAttr(ppd,"PWGRaster",0)) != 0 && +diff --git a/filter/rastertoescpx.c b/filter/rastertoescpx.c +index 5a3e5df..a0ec416 100644 +--- a/filter/rastertoescpx.c ++++ b/filter/rastertoescpx.c +@@ -1141,7 +1141,10 @@ EndPage(ppd_file_t *ppd, /* I - PPD file */ + } + } + else ++ { + free(DotBuffers[0]); ++ DotBuffers[0] = NULL; ++ } + + /* + * Output a page eject sequence... +@@ -1440,7 +1443,7 @@ CompressData(ppd_file_t *ppd, /* I - PPD file information */ + + printf("\033i"); + putchar(ctable[PrinterPlanes - 1][plane]); +- putchar(type != 0); ++ putchar((type != 0) ? '1': '0'); + putchar(BitPlanes); + putchar(bytes & 255); + putchar(bytes >> 8); +@@ -1470,7 +1473,7 @@ CompressData(ppd_file_t *ppd, /* I - PPD file information */ + bytes *= 8; + + printf("\033."); +- putchar(type != 0); ++ putchar((type != 0) ? '1': '0'); + putchar(ystep); + putchar(xstep); + putchar(rows); +@@ -1907,6 +1910,10 @@ main(int argc, /* I - Number of command-line arguments */ + if (fd != 0) + close(fd); + ++ for (int i = 0; i < 7; i++) ++ if (DotBuffers[i] != NULL) ++ free(DotBuffers[i]); ++ + return (page == 0); + } + +diff --git a/filter/rastertops.c b/filter/rastertops.c +index d5d955b..531eb70 100644 +--- a/filter/rastertops.c ++++ b/filter/rastertops.c +@@ -282,6 +282,8 @@ write_flate(cups_raster_t *ras, /* I - Image data */ + if (fwrite(out, 1, have, stdout) != have) + { + (void)deflateEnd(&strm); ++ if (convertedpix != NULL) ++ free(convertedpix); + return Z_ERRNO; + } + } while (strm.avail_out == 0); +diff --git a/filter/sys5ippprinter.c b/filter/sys5ippprinter.c +index ad75551..9a92c8e 100644 +--- a/filter/sys5ippprinter.c ++++ b/filter/sys5ippprinter.c +@@ -570,6 +570,8 @@ exec_filter(const char *filter, /* I - Filter to execute */ + dup2(fd, 2); + close(fd); + } ++ else ++ close(fd); + fcntl(2, F_SETFL, O_NDELAY); + } + +@@ -578,6 +580,8 @@ exec_filter(const char *filter, /* I - Filter to execute */ + dup2(fd, 3); + close(fd); + } ++ else ++ close(fd); + fcntl(3, F_SETFL, O_NDELAY); + + if ((fd = open("/dev/null", O_RDWR)) > 4) +@@ -585,6 +589,8 @@ exec_filter(const char *filter, /* I - Filter to execute */ + dup2(fd, 4); + close(fd); + } ++ else ++ close(fd); + fcntl(4, F_SETFL, O_NDELAY); + + /* +@@ -654,8 +660,11 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ + { + next = (char *)cupsArrayNext(filters); + +- if (filter[0] == '/') ++ if (filter[0] == '/') { + strncpy(program, filter, sizeof(program)); ++ if (strlen(filter) > 1023) ++ program[1023] = '\0'; ++ } + else + { + if ((cups_serverbin = getenv("CUPS_SERVERBIN")) == NULL) +diff --git a/utils/cups-browsed.c b/utils/cups-browsed.c +index a2a4a08..19a2ac8 100644 +--- a/utils/cups-browsed.c ++++ b/utils/cups-browsed.c +@@ -2245,7 +2245,10 @@ is_disabled(const char *printer, const char *reason) { + pstate = (ipp_pstate_t)ippGetInteger(attr, 0); + else if (!strcmp(ippGetName(attr), "printer-state-message") && + ippGetValueTag(attr) == IPP_TAG_TEXT) { +- free(pstatemsg); ++ if (pstatemsg != NULL) { ++ free(pstatemsg); ++ pstatemsg = NULL; ++ } + p = ippGetString(attr, 0, NULL); + if (p != NULL) pstatemsg = strdup(p); + } +@@ -2262,16 +2265,22 @@ is_disabled(const char *printer, const char *reason) { + case IPP_PRINTER_IDLE: + case IPP_PRINTER_PROCESSING: + ippDelete(response); +- free(pstatemsg); ++ if (pstatemsg != NULL) { ++ free(pstatemsg); ++ pstatemsg = NULL; ++ } + return NULL; + case IPP_PRINTER_STOPPED: + ippDelete(response); + if (reason == NULL) + return pstatemsg; +- else if (strcasestr(pstatemsg, reason) != NULL) ++ else if (pstatemsg != NULL && (strcasestr(pstatemsg, reason) != NULL)) + return pstatemsg; + else { +- free(pstatemsg); ++ if (pstatemsg != NULL) { ++ free(pstatemsg); ++ pstatemsg = NULL; ++ } + return NULL; + } + } +@@ -2280,12 +2289,18 @@ is_disabled(const char *printer, const char *reason) { + debug_printf("No information regarding enabled/disabled found about the requested printer '%s'\n", + printer); + ippDelete(response); +- free(pstatemsg); ++ if (pstatemsg != NULL) { ++ free(pstatemsg); ++ pstatemsg = NULL; ++ } + return NULL; + } + debug_printf("ERROR: Request for printer info failed: %s\n", + cupsLastErrorString()); +- free(pstatemsg); ++ if (pstatemsg != NULL) { ++ free(pstatemsg); ++ pstatemsg = NULL; ++ } + return NULL; + } + +@@ -3040,6 +3055,8 @@ on_printer_state_changed (CupsNotifier *object, + dest_host = p->ip ? p->ip : p->host; + dest_port = p->port; + strncpy(dest_name, remote_cups_queue, sizeof(dest_name)); ++ if (strlen(remote_cups_queue) > 1023) ++ dest_name[1023] = '\0'; + dest_index = i; + debug_printf("Printer %s on host %s, port %d is idle, take this as destination and stop searching.\n", + remote_cups_queue, p->host, p->port); +@@ -3056,8 +3073,9 @@ on_printer_state_changed (CupsNotifier *object, + min_jobs = num_jobs; + dest_host = p->ip ? p->ip : p->host; + dest_port = p->port; +- strncpy(dest_name, remote_cups_queue, +- sizeof(dest_name)); ++ strncpy(dest_name, remote_cups_queue, sizeof(dest_name)); ++ if (strlen(remote_cups_queue) > 1023) ++ dest_name[1023] = '\0'; + dest_index = i; + } + debug_printf("Printer %s on host %s, port %d is printing and it has %d jobs.\n", +@@ -3566,8 +3584,9 @@ create_remote_printer_entry (const char *queue_name, + IPP_TAG_KEYWORD)) != NULL) { + debug_printf(" Attr: %s\n", ippGetName(attr)); + for (i = 0; i < ippGetCount(attr); i ++) { +- strncpy(valuebuffer, ippGetString(attr, i, NULL), +- sizeof(valuebuffer)); ++ strncpy(valuebuffer, ippGetString(attr, i, NULL), sizeof(valuebuffer)); ++ if (strlen(ippGetString(attr, i, NULL)) > 65535) ++ valuebuffer[65535] = '\0'; + debug_printf(" Keyword: %s\n", valuebuffer); + if (valuebuffer[0] > '1') + break; +@@ -3598,8 +3617,9 @@ create_remote_printer_entry (const char *queue_name, + debug_printf(" Value: %s\n", valuebuffer); + if (valuebuffer[0] == '\0') { + for (i = 0; i < ippGetCount(attr); i ++) { +- strncpy(valuebuffer, ippGetString(attr, i, NULL), +- sizeof(valuebuffer)); ++ strncpy(valuebuffer, ippGetString(attr, i, NULL), sizeof(valuebuffer)); ++ if (strlen(ippGetString(attr, i, NULL)) > 65535) ++ valuebuffer[65535] = '\0'; + debug_printf(" Keyword: %s\n", valuebuffer); + if (valuebuffer[0] != '\0') + break; +@@ -3629,8 +3649,9 @@ create_remote_printer_entry (const char *queue_name, + debug_printf(" Value: %s\n", valuebuffer); + if (valuebuffer[0] == '\0') { + for (i = 0; i < ippGetCount(attr); i ++) { +- strncpy(valuebuffer, ippGetString(attr, i, NULL), +- sizeof(valuebuffer)); ++ strncpy(valuebuffer, ippGetString(attr, i, NULL), sizeof(valuebuffer)); ++ if (strlen(ippGetString(attr, i, NULL)) > 65535) ++ valuebuffer[65535] = '\0'; + debug_printf(" Keyword: %s\n", valuebuffer); + if (valuebuffer[0] != '\0') + break; +@@ -3663,8 +3684,9 @@ create_remote_printer_entry (const char *queue_name, + debug_printf(" Value: %s\n", p->queue_name, valuebuffer); + if (valuebuffer[0] == '\0') { + for (i = 0; i < ippGetCount(attr); i ++) { +- strncpy(valuebuffer, ippGetString(attr, i, NULL), +- sizeof(valuebuffer)); ++ strncpy(valuebuffer, ippGetString(attr, i, NULL), sizeof(valuebuffer)); ++ if (strlen(ippGetString(attr, i, NULL)) > 65535) ++ valuebuffer[65535] = '\0'; + debug_printf(" Keyword: %s\n", valuebuffer); + if (valuebuffer[0] != '\0') + break; +@@ -4498,6 +4520,8 @@ gboolean update_cups_queues(gpointer unused) { + } else { + /* Device URI: ipp(s)://:631/printers/ */ + strncpy(device_uri, p->uri, sizeof(device_uri)); ++ if (strlen(p->uri) > HTTP_MAX_URI-1) ++ device_uri[HTTP_MAX_URI-1] = '\0'; + debug_printf("Print queue %s is for an IPP network printer, or we do not get notifications from CUPS, using direct device URI %s\n", + p->queue_name, device_uri); + } +@@ -4606,6 +4630,8 @@ gboolean update_cups_queues(gpointer unused) { + } else if (!strncmp(line, "*Default", 8)) { + cont_line_read = 0; + strncpy(keyword, line + 8, sizeof(keyword)); ++ if ((strlen(line) + 8) > 1023) ++ keyword[1023] = '\0'; + for (keyptr = keyword; *keyptr; keyptr ++) + if (*keyptr == ':' || isspace(*keyptr & 255)) + break; +@@ -7144,7 +7170,7 @@ read_configuration (const char *filename) + in the configuration file is used. */ + while ((i < cupsArrayCount(command_line_config) && + (value = cupsArrayIndex(command_line_config, i++)) && +- strncpy(line, value, sizeof(line))) || ++ strncpy(line, value, sizeof(line)) && ((strlen(value) > HTTP_MAX_BUFFER-1)? line[HTTP_MAX_BUFFER-1] = '\0': 1)) || + cupsFileGetConf(fp, line, sizeof(line), &value, &linenum)) { + if (linenum < 0) { + /* We are still reading options from the command line ("-o ..."), +@@ -7371,6 +7397,7 @@ read_configuration (const char *filename) + if (filter->cregexp) + regfree(filter->cregexp); + free(filter); ++ filter = NULL; + } + } else if ((!strcasecmp(line, "BrowseInterval") || !strcasecmp(line, "BrowseTimeout")) && value) { + int t = atoi(value); +@@ -7386,8 +7413,11 @@ read_configuration (const char *filename) + debug_printf("Invalid %s value: %d\n", + line, t); + } else if (!strcasecmp(line, "DomainSocket") && value) { +- if (value[0] != '\0') ++ if (value[0] != '\0') { ++ if (DomainSocket != NULL) ++ free(DomainSocket); + DomainSocket = strdup(value); ++ } + } else if ((!strcasecmp(line, "HttpLocalTimeout") || !strcasecmp(line, "HttpRemoteTimeout")) && value) { + int t = atoi(value); + if (t >= 0) { +@@ -7555,6 +7585,10 @@ read_configuration (const char *filename) + } + } + cupsArrayAdd (clusters, cluster); ++ if (start != NULL) { ++ free(start); ++ start = NULL; ++ } + continue; + cluster_fail: + if (cluster) { +@@ -7568,6 +7602,11 @@ read_configuration (const char *filename) + cupsArrayDelete (cluster->members); + } + free(cluster); ++ cluster = NULL; ++ } ++ if (start != NULL) { ++ free(start); ++ start = NULL; + } + } else if (!strcasecmp(line, "LoadBalancing") && value) { + if (!strncasecmp(value, "QueueOnClient", 13)) +@@ -7575,7 +7614,7 @@ read_configuration (const char *filename) + else if (!strncasecmp(value, "QueueOnServers", 14)) + LoadBalancingType = QUEUE_ON_SERVERS; + } else if (!strcasecmp(line, "DefaultOptions") && value) { +- if (strlen(value) > 0) ++ if (DefaultOptions == NULL && strlen(value) > 0) + DefaultOptions = strdup(value); + } else if (!strcasecmp(line, "AutoShutdown") && value) { + char *p, *saveptr; +@@ -7949,10 +7988,12 @@ int main(int argc, char*argv[]) { + daemon, not with remote ones. */ + if (getenv("CUPS_SERVER") != NULL) { + strncpy(local_server_str, getenv("CUPS_SERVER"), sizeof(local_server_str)); ++ if (strlen(getenv("CUPS_SERVER")) > 1023) ++ local_server_str[1023] = '\0'; + } else { + #ifdef CUPS_DEFAULT_DOMAINSOCKET + if (DomainSocket == NULL) +- DomainSocket = CUPS_DEFAULT_DOMAINSOCKET; ++ DomainSocket = strdup(CUPS_DEFAULT_DOMAINSOCKET); + #endif + if (DomainSocket != NULL) { + struct stat sockinfo; /* Domain socket information */ +@@ -8293,6 +8334,11 @@ fail: + if (debug_logfile == 1) + stop_debug_logging(); + ++ if (DefaultOptions != NULL) ++ free(DefaultOptions); ++ if (DomainSocket != NULL) ++ free(DomainSocket); ++ + return ret; + + help: +diff --git a/utils/driverless.c b/utils/driverless.c +index 7fc6dae..fe61e58 100644 +--- a/utils/driverless.c ++++ b/utils/driverless.c +@@ -227,12 +227,16 @@ list_printers (int mode) + + if (txt_usb_mfg[0] != '\0') { + strncpy(make, txt_usb_mfg, sizeof(make)); ++ if (strlen(txt_usb_mfg) > 511) ++ make[511] = '\0'; + ptr = device_id + strlen(device_id); + snprintf(ptr, sizeof(device_id) - (size_t)(ptr - device_id), + "MFG:%s;", txt_usb_mfg); + } + if (txt_usb_mdl[0] != '\0') { + strncpy(model, txt_usb_mdl, sizeof(model)); ++ if (strlen(txt_usb_mdl) > 255) ++ model[255] = '\0'; + ptr = device_id + strlen(device_id); + snprintf(ptr, sizeof(device_id) - (size_t)(ptr - device_id), + "MDL:%s;", txt_usb_mdl); +@@ -243,15 +247,22 @@ list_printers (int mode) + *ptr == ')') + *ptr = '\0'; + strncpy(model, txt_product + 1, sizeof(model)); ++ if ((strlen(txt_product) + 1) > 255) ++ model[255] = '\0'; + } else + strncpy(model, txt_product, sizeof(model)); + } else if (txt_ty[0] != '\0') { + strncpy(model, txt_ty, sizeof(model)); ++ if (strlen(txt_ty) > 255) ++ model[255] = '\0'; + if ((ptr = strchr(model, ',')) != NULL) + *ptr = '\0'; + } +- if (txt_pdl[0] != '\0') ++ if (txt_pdl[0] != '\0') { + strncpy(pdl, txt_pdl, sizeof(pdl)); ++ if (strlen(txt_pdl) > 255) ++ pdl[255] = '\0'; ++ } + + if (!device_id[0] && strcasecmp(model, "Unknown")) { + if (make[0]) diff --git a/cups-filters.spec b/cups-filters.spec index 7b49562..d7de108 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.20.0 -Release: 6%{?dist} +Release: 13%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -21,6 +21,10 @@ Url: http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups Source0: http://www.openprinting.org/download/cups-filters/cups-filters-%{version}.tar.xz Patch01: cups-filters-createall.patch +Patch02: cups-filters-brftopagedbrf-install.patch +# backported patch from upstream for covscan fixes +Patch03: cups-filters-covscan.patch +Patch04: cups-browsed.8.patch Requires: cups-filters-libs%{?_isa} = %{version}-%{release} @@ -72,7 +76,10 @@ BuildRequires: automake BuildRequires: libtool Requires: cups-filesystem +# poppler utils are needed for banner printing, and with ghostscript are needed +# when cups-filters is configured --with-pdftops=hybrid Requires: poppler-utils +Requires: ghostscript # texttopdf Requires: liberation-mono-fonts @@ -81,10 +88,17 @@ Requires: liberation-mono-fonts Requires: bc grep sed which # cups-browsed +# requires cups.service for running cups-browsed +Requires: cups Requires(post): systemd Requires(preun): systemd Requires(postun): systemd +# old versions still can have ghostscript-cups and foomatic-filters installed +# so we need to obsolete them to have them uninstalled +Obsoletes: ghostscript-cups +Obsoletes: foomatic-filters + %package libs Summary: OpenPrinting CUPS filters and backends - cupsfilters and fontembed libraries # LGPLv2: libcupsfilters @@ -113,6 +127,11 @@ This is the development package for OpenPrinting CUPS filters and backends. %setup -q %patch01 -p1 -b .createall +# 1572450 - cupsd: Filter "brftopagedbrf" not found. +%patch02 -p1 -b .brftopagedbrf-install +# backported patch from upstream for covscan fixes +%patch03 -p1 -b .covscan +%patch04 -p1 -b .manpage %build @@ -229,7 +248,8 @@ fi %attr(0700,root,root) %{_cups_serverbin}/backend/serial %attr(0755,root,root) %{_cups_serverbin}/backend/implicitclass %attr(0755,root,root) %{_cups_serverbin}/backend/beh -%attr(0755,root,root) %{_cups_serverbin}/backend/cups-brf +# cups-brf needs to be run as root, otherwise it leaves error message in journal +%attr(0700,root,root) %{_cups_serverbin}/backend/cups-brf %{_bindir}/foomatic-rip %{_bindir}/driverless %{_cups_serverbin}/backend/driverless @@ -286,6 +306,27 @@ fi %{_libdir}/libfontembed.so %changelog +* Fri Feb 01 2019 Zdenek Dohnal - 1.20.0-13 +- cups-brf needs to be run as root + +* Mon Nov 12 2018 Zdenek Dohnal - 1.20.0-12 +- links in man page are wrong + +* Mon Sep 24 2018 Zdenek Dohnal - 1.20.0-11 +- 1632267 - cups-filters needs to obsolete ghostscript-cups and foomatic-filters + +* Fri Sep 21 2018 Zdenek Dohnal - 1.20.0-10 +- fixed covscan issues + +* Tue Jun 12 2018 Zdenek Dohnal - 1.20.0-9 +- add requires on cups, ghostscript and poppler-utils + +* Fri Apr 27 2018 Zdenek Dohnal - 1.20.0-8 +- 1572450 - cupsd: Filter "brftopagedbrf" not found. + +* Thu Apr 05 2018 Zdenek Dohnal - 1.20.0-7 +- dependency on poppler-utils is now only recommended + * Mon Feb 19 2018 Zdenek Dohnal - 1.20.0-6 - gcc and gcc-c++ is no longer in buildroot by default