diff options
| author | Didier Raboud <odyx@debian.org> | 2018-06-11 19:28:32 +0200 |
|---|---|---|
| committer | Didier Raboud <odyx@debian.org> | 2018-06-11 19:28:46 +0200 |
| commit | 34579ff0b2dabb8b731d4f533531daa15443c8ff (patch) | |
| tree | 490782fa5d803e279bf3fdf011021fdc2ffc89d0 | |
| parent | 845c1dfe5e994f2e66be778be2acd8488ba560d0 (diff) | |
| parent | d8ce1e7f130c773f37fd63f33cf85a8847d90177 (diff) | |
merge patched-debian/master into debian/master
32 files changed, 216 insertions, 519 deletions
diff --git a/cups/ipp.c b/cups/ipp.c index abb80b15a..17273eee3 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -1,8 +1,8 @@ /* * Internet Printing Protocol functions for CUPS. * - * Copyright 2007-2017 by Apple Inc. - * Copyright 1997-2007 by Easy Software Products, all rights reserved. + * Copyright © 2007-2018 by Apple Inc. + * Copyright © 1997-2007 by Easy Software Products, all rights reserved. * * These coded instructions, statements, and computer programs are the * property of Apple Inc. and are protected by Federal copyright @@ -4935,21 +4935,6 @@ ippValidateAttribute( ipp_attribute_t *colattr; /* Collection attribute */ regex_t re; /* Regular expression */ ipp_uchar_t *date; /* Current date value */ - static const char * const uri_status_strings[] = - { /* URI status strings */ - "URI too large", - "Bad arguments to function", - "Bad resource in URI", - "Bad port number in URI", - "Bad hostname/address in URI", - "Bad username in URI", - "Bad scheme in URI", - "Bad/empty URI", - "OK", - "Missing scheme in URI", - "Unknown scheme in URI", - "Missing resource in URI" - }; /* @@ -5224,16 +5209,23 @@ ippValidateAttribute( } else if (*ptr & 0x80) break; + else if ((*ptr < ' ' && *ptr != '\n' && *ptr != '\r' && *ptr != '\t') || *ptr == 0x7f) + break; } - if (*ptr) - { - ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, - _("\"%s\": Bad text value \"%s\" - bad UTF-8 " - "sequence (RFC 8011 section 5.1.2)."), attr->name, - attr->values[i].string.text); - return (0); - } + if (*ptr) + { + if (*ptr < ' ' || *ptr == 0x7f) + { + ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text); + return (0); + } + else + { + ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text); + return (0); + } + } if ((ptr - attr->values[i].string.text) > (IPP_MAX_TEXT - 1)) { @@ -5282,16 +5274,23 @@ ippValidateAttribute( } else if (*ptr & 0x80) break; + else if (*ptr < ' ' || *ptr == 0x7f) + break; } if (*ptr) { - ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, - _("\"%s\": Bad name value \"%s\" - bad UTF-8 " - "sequence (RFC 8011 section 5.1.3)."), attr->name, - attr->values[i].string.text); - return (0); - } + if (*ptr < ' ' || *ptr == 0x7f) + { + ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text); + return (0); + } + else + { + ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text); + return (0); + } + } if ((ptr - attr->values[i].string.text) > (IPP_MAX_NAME - 1)) { @@ -5346,12 +5345,7 @@ ippValidateAttribute( if (uri_status < HTTP_URI_STATUS_OK) { - ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, - _("\"%s\": Bad URI value \"%s\" - %s " - "(RFC 8011 section 5.1.6)."), attr->name, - attr->values[i].string.text, - uri_status_strings[uri_status - - HTTP_URI_STATUS_OVERFLOW]); + ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad URI value \"%s\" - %s (RFC 8011 section 5.1.6)."), attr->name, attr->values[i].string.text, httpURIStatusString(uri_status)); return (0); } diff --git a/cups/testhttp.c b/cups/testhttp.c index a2d890d06..fa8356c02 100644 --- a/cups/testhttp.c +++ b/cups/testhttp.c @@ -1,8 +1,8 @@ /* * HTTP test program for CUPS. * - * Copyright 2007-2014 by Apple Inc. - * Copyright 1997-2006 by Easy Software Products. + * Copyright © 2007-2018 by Apple Inc. + * Copyright © 1997-2006 by Easy Software Products. * * These coded instructions, statements, and computer programs are the * property of Apple Inc. and are protected by Federal copyright @@ -186,6 +186,9 @@ static uri_test_t uri_tests[] = /* URI test data */ HTTP_URI_CODING_MOST }, /* Bad resource */ + { HTTP_URI_STATUS_BAD_RESOURCE, "mailto:\r\nbla", + "mailto", "", "", "", 0, 0, + HTTP_URI_CODING_MOST }, { HTTP_URI_STATUS_BAD_RESOURCE, "http://server/index.html%", "http", "", "server", "", 80, 0, HTTP_URI_CODING_MOST }, diff --git a/debian/.git-dpm b/debian/.git-dpm index fffdd6d64..976c7fd8b 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -145b38346c4db876915a426f2f921a75bdd4f966 -145b38346c4db876915a426f2f921a75bdd4f966 +d8ce1e7f130c773f37fd63f33cf85a8847d90177 +d8ce1e7f130c773f37fd63f33cf85a8847d90177 4ebeb20c50145190312c9897efa26ed5b58b3bc5 4ebeb20c50145190312c9897efa26ed5b58b3bc5 cups_2.2.8.orig.tar.gz diff --git a/debian/patches/0016-Fix-regressions-in-ippValidateAttribute-Issue-5322-I.patch b/debian/patches/0016-Fix-regressions-in-ippValidateAttribute-Issue-5322-I.patch new file mode 100644 index 000000000..0fa223fca --- /dev/null +++ b/debian/patches/0016-Fix-regressions-in-ippValidateAttribute-Issue-5322-I.patch @@ -0,0 +1,72 @@ +From 039f30d74597b01c9ba1bbe90a52359ebdbad495 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet <michael.r.sweet@gmail.com> +Date: Mon, 11 Jun 2018 09:37:55 -0400 +Subject: Fix regressions in ippValidateAttribute (Issue #5322, Issue #5330) + +--- + cups/ipp.c | 44 +++++++++++++++++++++++++------------------- + 1 file changed, 25 insertions(+), 19 deletions(-) + +diff --git a/cups/ipp.c b/cups/ipp.c +index b33a3bc2e..57d962058 100644 +--- a/cups/ipp.c ++++ b/cups/ipp.c +@@ -5097,16 +5097,19 @@ ippValidateAttribute( + break; + } + +- if (*ptr < ' ' || *ptr == 0x7f) +- { +- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text); +- return (0); +- } +- else if (*ptr) +- { +- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text); +- return (0); +- } ++ if (*ptr) ++ { ++ if (*ptr < ' ' || *ptr == 0x7f) ++ { ++ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text); ++ return (0); ++ } ++ else ++ { ++ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text); ++ return (0); ++ } ++ } + + if ((ptr - attr->values[i].string.text) > (IPP_MAX_TEXT - 1)) + { +@@ -5159,16 +5162,19 @@ ippValidateAttribute( + break; + } + +- if (*ptr < ' ' || *ptr == 0x7f) +- { +- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text); +- return (0); +- } +- else if (*ptr) ++ if (*ptr) + { +- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text); +- return (0); +- } ++ if (*ptr < ' ' || *ptr == 0x7f) ++ { ++ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text); ++ return (0); ++ } ++ else ++ { ++ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text); ++ return (0); ++ } ++ } + + if ((ptr - attr->values[i].string.text) > (IPP_MAX_NAME - 1)) + { diff --git a/debian/patches/0016-Revert-Generalize-the-input-validation-of-some-kinds.patch b/debian/patches/0016-Revert-Generalize-the-input-validation-of-some-kinds.patch deleted file mode 100644 index 54385837d..000000000 --- a/debian/patches/0016-Revert-Generalize-the-input-validation-of-some-kinds.patch +++ /dev/null @@ -1,358 +0,0 @@ -From e140328970f39713cf9ad3aa9ddb069611605eb4 Mon Sep 17 00:00:00 2001 -From: Didier Raboud <odyx@debian.org> -Date: Fri, 8 Jun 2018 14:39:21 +0200 -Subject: Revert "Generalize the input validation of some kinds of attributes." - -This reverts commit 4c37eb9f77910f6f856fc540fc9a94a5885af17c. - -Fixes FTBFS on 2.2.8, see https://github.com/apple/cups/issues/5322 ---- - cups/ipp.c | 54 +++++++++------- - cups/testhttp.c | 7 +-- - scheduler/ipp.c | 164 ++++++++++++++++++++++++++---------------------- - 3 files changed, 124 insertions(+), 101 deletions(-) - -diff --git a/cups/ipp.c b/cups/ipp.c -index b33a3bc2e..a93e1e921 100644 ---- a/cups/ipp.c -+++ b/cups/ipp.c -@@ -1,8 +1,8 @@ - /* - * Internet Printing Protocol functions for CUPS. - * -- * Copyright © 2007-2018 by Apple Inc. -- * Copyright © 1997-2007 by Easy Software Products, all rights reserved. -+ * Copyright 2007-2017 by Apple Inc. -+ * Copyright 1997-2007 by Easy Software Products, all rights reserved. - * - * These coded instructions, statements, and computer programs are the - * property of Apple Inc. and are protected by Federal copyright -@@ -4819,6 +4819,21 @@ ippValidateAttribute( - ipp_attribute_t *colattr; /* Collection attribute */ - regex_t re; /* Regular expression */ - ipp_uchar_t *date; /* Current date value */ -+ static const char * const uri_status_strings[] = -+ { /* URI status strings */ -+ "URI too large", -+ "Bad arguments to function", -+ "Bad resource in URI", -+ "Bad port number in URI", -+ "Bad hostname/address in URI", -+ "Bad username in URI", -+ "Bad scheme in URI", -+ "Bad/empty URI", -+ "OK", -+ "Missing scheme in URI", -+ "Unknown scheme in URI", -+ "Missing resource in URI" -+ }; - - - /* -@@ -5093,18 +5108,14 @@ ippValidateAttribute( - } - else if (*ptr & 0x80) - break; -- else if ((*ptr < ' ' && *ptr != '\n' && *ptr != '\r' && *ptr != '\t') || *ptr == 0x7f) -- break; - } - -- if (*ptr < ' ' || *ptr == 0x7f) -- { -- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text); -- return (0); -- } -- else if (*ptr) -+ if (*ptr) - { -- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text); -+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, -+ _("\"%s\": Bad text value \"%s\" - bad UTF-8 " -+ "sequence (RFC 8011 section 5.1.2)."), attr->name, -+ attr->values[i].string.text); - return (0); - } - -@@ -5155,18 +5166,14 @@ ippValidateAttribute( - } - else if (*ptr & 0x80) - break; -- else if (*ptr < ' ' || *ptr == 0x7f) -- break; - } - -- if (*ptr < ' ' || *ptr == 0x7f) -+ if (*ptr) - { -- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text); -- return (0); -- } -- else if (*ptr) -- { -- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text); -+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, -+ _("\"%s\": Bad name value \"%s\" - bad UTF-8 " -+ "sequence (RFC 8011 section 5.1.3)."), attr->name, -+ attr->values[i].string.text); - return (0); - } - -@@ -5223,7 +5230,12 @@ ippValidateAttribute( - - if (uri_status < HTTP_URI_STATUS_OK) - { -- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad URI value \"%s\" - %s (RFC 8011 section 5.1.6)."), attr->name, attr->values[i].string.text, httpURIStatusString(uri_status)); -+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, -+ _("\"%s\": Bad URI value \"%s\" - %s " -+ "(RFC 8011 section 5.1.6)."), attr->name, -+ attr->values[i].string.text, -+ uri_status_strings[uri_status - -+ HTTP_URI_STATUS_OVERFLOW]); - return (0); - } - -diff --git a/cups/testhttp.c b/cups/testhttp.c -index fa8356c02..a2d890d06 100644 ---- a/cups/testhttp.c -+++ b/cups/testhttp.c -@@ -1,8 +1,8 @@ - /* - * HTTP test program for CUPS. - * -- * Copyright © 2007-2018 by Apple Inc. -- * Copyright © 1997-2006 by Easy Software Products. -+ * Copyright 2007-2014 by Apple Inc. -+ * Copyright 1997-2006 by Easy Software Products. - * - * These coded instructions, statements, and computer programs are the - * property of Apple Inc. and are protected by Federal copyright -@@ -186,9 +186,6 @@ static uri_test_t uri_tests[] = /* URI test data */ - HTTP_URI_CODING_MOST }, - - /* Bad resource */ -- { HTTP_URI_STATUS_BAD_RESOURCE, "mailto:\r\nbla", -- "mailto", "", "", "", 0, 0, -- HTTP_URI_CODING_MOST }, - { HTTP_URI_STATUS_BAD_RESOURCE, "http://server/index.html%", - "http", "", "server", "", 80, 0, - HTTP_URI_CODING_MOST }, -diff --git a/scheduler/ipp.c b/scheduler/ipp.c -index d1c6a89fb..d4e092d65 100644 ---- a/scheduler/ipp.c -+++ b/scheduler/ipp.c -@@ -5873,26 +5873,7 @@ create_subscriptions( - } - - if (recipient) -- { - cupsdLogMessage(CUPSD_LOG_DEBUG, "recipient=\"%s\"", recipient); -- -- -- if (!strncmp(recipient, "mailto:", 7) && user_data) -- { -- char temp[64]; /* Temporary string */ -- -- memcpy(temp, user_data->values[0].unknown.data, user_data->values[0].unknown.length); -- temp[user_data->values[0].unknown.length] = '\0'; -- -- if (httpSeparateURI(HTTP_URI_CODING_ALL, temp, scheme, sizeof(scheme), userpass, sizeof(userpass), host, sizeof(host), &port, resource, sizeof(resource)) < HTTP_URI_OK) -- { -- send_ipp_status(con, IPP_NOT_POSSIBLE, _("Bad notify-user-data \"%s\"."), temp); -- ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_ENUM, "notify-status-code", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES); -- return; -- } -- } -- } -- - if (pullmethod) - cupsdLogMessage(CUPSD_LOG_DEBUG, "pullmethod=\"%s\"", pullmethod); - cupsdLogMessage(CUPSD_LOG_DEBUG, "notify-lease-duration=%d", lease); -@@ -7988,16 +7969,13 @@ hold_job(cupsd_client_t *con, /* I - Client connection */ - * Hold the job and return... - */ - -- if ((attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_ZERO)) != NULL) -- { -- if ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1 || !ippValidateAttribute(attr)) -- { -- send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); -- ippCopyAttribute(con->response, attr, 0); -- return; -- } -+ if ((attr = ippFindAttribute(con->request, "job-hold-until", -+ IPP_TAG_KEYWORD)) == NULL) -+ attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_NAME); - -- when = ippGetString(attr, 0, NULL); -+ if (attr) -+ { -+ when = attr->values[0].string.text; - - cupsdAddEvent(CUPSD_EVENT_JOB_CONFIG_CHANGED, cupsdFindDest(job->dest), job, - "Job job-hold-until value changed by user."); -@@ -10361,39 +10339,7 @@ set_job_attrs(cupsd_client_t *con, /* I - Client connection */ - continue; - } - -- if (!ippValidateAttribute(attr)) -- { -- send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Bad '%s' value."), attr->name); -- ippCopyAttribute(con->response, attr, 0); -- return; -- } -- -- if (!strcmp(attr->name, "job-hold-until")) -- { -- const char *when = ippGetString(attr, 0, NULL); -- /* job-hold-until value */ -- -- if ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1) -- { -- send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); -- ippCopyAttribute(con->response, attr, 0); -- return; -- } -- -- cupsdLogJob(job, CUPSD_LOG_DEBUG, "Setting job-hold-until to %s", when); -- cupsdSetJobHoldUntil(job, when, 0); -- -- if (!strcmp(when, "no-hold")) -- { -- cupsdReleaseJob(job); -- check_jobs = 1; -- } -- else -- cupsdSetJobState(job, IPP_JOB_HELD, CUPSD_JOB_DEFAULT, "Job held by \"%s\".", username); -- -- event |= CUPSD_EVENT_JOB_CONFIG_CHANGED | CUPSD_EVENT_JOB_STATE; -- } -- else if (!strcmp(attr->name, "job-priority")) -+ if (!strcmp(attr->name, "job-priority")) - { - /* - * Change the job priority... -@@ -10513,6 +10459,28 @@ set_job_attrs(cupsd_client_t *con, /* I - Client connection */ - */ - - ippCopyAttribute(job->attrs, attr, 0); -+ -+ /* -+ * See if the job-name or job-hold-until is being changed. -+ */ -+ -+ if (!strcmp(attr->name, "job-hold-until")) -+ { -+ cupsdLogJob(job, CUPSD_LOG_DEBUG, "Setting job-hold-until to %s", -+ attr->values[0].string.text); -+ cupsdSetJobHoldUntil(job, attr->values[0].string.text, 0); -+ -+ if (!strcmp(attr->values[0].string.text, "no-hold")) -+ { -+ cupsdReleaseJob(job); -+ check_jobs = 1; -+ } -+ else -+ cupsdSetJobState(job, IPP_JOB_HELD, CUPSD_JOB_DEFAULT, -+ "Job held by \"%s\".", username); -+ -+ event |= CUPSD_EVENT_JOB_CONFIG_CHANGED | CUPSD_EVENT_JOB_STATE; -+ } - } - else if (attr->value_tag == IPP_TAG_DELETEATTR) - { -@@ -11330,35 +11298,81 @@ validate_job(cupsd_client_t *con, /* I - Client connection */ - } - } - -- /* -- * Is the job-hold-until value valid? -- */ -- -- if ((attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_ZERO)) != NULL && ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1 || !ippValidateAttribute(attr))) -- { -- send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); -- ippCopyAttribute(con->response, attr, 0); -- return; -- } -- - /* - * Is the job-name valid? - */ - - if ((name = ippFindAttribute(con->request, "job-name", IPP_TAG_ZERO)) != NULL) - { -+ int bad_name = 0; /* Is the job-name value bad? */ -+ - if ((name->value_tag != IPP_TAG_NAME && name->value_tag != IPP_TAG_NAMELANG) || -- name->num_values != 1 || !ippValidateAttribute(name)) -+ name->num_values != 1) -+ { -+ bad_name = 1; -+ } -+ else -+ { -+ /* -+ * Validate that job-name conforms to RFC 5198 (Network Unicode) and -+ * IPP Everywhere requirements for "name" values... -+ */ -+ -+ const unsigned char *nameptr; /* Pointer into "job-name" attribute */ -+ -+ for (nameptr = (unsigned char *)name->values[0].string.text; -+ *nameptr; -+ nameptr ++) -+ { -+ if (*nameptr < ' ' && *nameptr != '\t') -+ break; -+ else if (*nameptr == 0x7f) -+ break; -+ else if ((*nameptr & 0xe0) == 0xc0) -+ { -+ if ((nameptr[1] & 0xc0) != 0x80) -+ break; -+ -+ nameptr ++; -+ } -+ else if ((*nameptr & 0xf0) == 0xe0) -+ { -+ if ((nameptr[1] & 0xc0) != 0x80 || -+ (nameptr[2] & 0xc0) != 0x80) -+ break; -+ -+ nameptr += 2; -+ } -+ else if ((*nameptr & 0xf8) == 0xf0) -+ { -+ if ((nameptr[1] & 0xc0) != 0x80 || -+ (nameptr[2] & 0xc0) != 0x80 || -+ (nameptr[3] & 0xc0) != 0x80) -+ break; -+ -+ nameptr += 3; -+ } -+ else if (*nameptr & 0x80) -+ break; -+ } -+ -+ if (*nameptr) -+ bad_name = 1; -+ } -+ -+ if (bad_name) - { - if (StrictConformance) - { -- send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-name' value.")); -+ send_ipp_status(con, IPP_ATTRIBUTES, -+ _("Unsupported 'job-name' value.")); - ippCopyAttribute(con->response, name, 0); - return; - } - else - { -- cupsdLogMessage(CUPSD_LOG_WARN, "Unsupported 'job-name' value, deleting from request."); -+ cupsdLogMessage(CUPSD_LOG_WARN, -+ "Unsupported 'job-name' value, deleting from request."); - ippDeleteAttribute(con->request, name); - } - } diff --git a/debian/patches/0038-Build-mantohtml-with-the-build-architecture-compiler.patch b/debian/patches/0038-Build-mantohtml-with-the-build-architecture-compiler.patch index 3094b4315..d66668507 100644 --- a/debian/patches/0038-Build-mantohtml-with-the-build-architecture-compiler.patch +++ b/debian/patches/0038-Build-mantohtml-with-the-build-architecture-compiler.patch @@ -1,4 +1,4 @@ -From ada44999435298a40cb5befa8c832ff23132d822 Mon Sep 17 00:00:00 2001 +From 2bb9209e789dfd41dfa8266ac0cb4854860d1322 Mon Sep 17 00:00:00 2001 From: Helmut Grohne <helmut@subdivi.de> Date: Tue, 9 Aug 2016 18:11:49 +0200 Subject: Build mantohtml with the build architecture compiler diff --git a/debian/patches/0039-The-lp-and-lpr-commands-now-provide-better-error-mes.patch b/debian/patches/0039-The-lp-and-lpr-commands-now-provide-better-error-mes.patch index d5aaff377..0aa2ec199 100644 --- a/debian/patches/0039-The-lp-and-lpr-commands-now-provide-better-error-mes.patch +++ b/debian/patches/0039-The-lp-and-lpr-commands-now-provide-better-error-mes.patch @@ -1,4 +1,4 @@ -From fcb76f462c47a59bcbe8167bf484360efcc655a9 Mon Sep 17 00:00:00 2001 +From c8f1653d737433faae13fa070f8b2a2ed30528e0 Mon Sep 17 00:00:00 2001 From: Michael R Sweet <michaelrsweet@gmail.com> Date: Wed, 1 Nov 2017 15:45:50 -0400 Subject: =?UTF-8?q?The=20`lp`=20and=20`lpr`=20commands=20now=20provide=20b?= diff --git a/debian/patches/airprint-support.patch b/debian/patches/airprint-support.patch index 615340567..06bd6653e 100644 --- a/debian/patches/airprint-support.patch +++ b/debian/patches/airprint-support.patch @@ -1,4 +1,4 @@ -From baf8117daf415804f2fccae6233ad1e16c2cfd16 Mon Sep 17 00:00:00 2001 +From bbc3507a260d29db3fc5601826f33c10f9dccd1e Mon Sep 17 00:00:00 2001 From: Till Kamppeter <till.kamppeter@gmail.com> Date: Tue, 9 Aug 2016 18:11:29 +0200 Subject: Patch to support Apple AirPrint (printing from iPhone, iPad, iPod diff --git a/debian/patches/confdirperms.patch b/debian/patches/confdirperms.patch index 97d0ea945..023dbe2c3 100644 --- a/debian/patches/confdirperms.patch +++ b/debian/patches/confdirperms.patch @@ -1,4 +1,4 @@ -From 5a37dd3711ad82aaa1dcafcd04215859d54052d2 Mon Sep 17 00:00:00 2001 +From 7f7dd34709995b93cb1e2f2d7ef385475f83043e Mon Sep 17 00:00:00 2001 From: Martin Pitt <mpitt@debian.org> Date: Tue, 9 Aug 2016 18:11:41 +0200 Subject: Do not mess with the permissions of cupsd.conf. diff --git a/debian/patches/cups-deviced-allow-device-ids-with-newline.patch b/debian/patches/cups-deviced-allow-device-ids-with-newline.patch index ecf713e8f..3414e0ace 100644 --- a/debian/patches/cups-deviced-allow-device-ids-with-newline.patch +++ b/debian/patches/cups-deviced-allow-device-ids-with-newline.patch @@ -1,4 +1,4 @@ -From 3d3dc0a730f0a8b4e05fc6fc22ad7810fea752e3 Mon Sep 17 00:00:00 2001 +From 7e4ec7fc8f76c1596f23e7767f6c458aebcda09d Mon Sep 17 00:00:00 2001 From: Till Kamppeter <till.kamppeter@gmail.com> Date: Tue, 9 Aug 2016 18:11:28 +0200 Subject: Some printers have broken device IDs with newline diff --git a/debian/patches/cups-set-default-error-policy-retry-job.patch b/debian/patches/cups-set-default-error-policy-retry-job.patch index f7da95d6e..b1239421c 100644 --- a/debian/patches/cups-set-default-error-policy-retry-job.patch +++ b/debian/patches/cups-set-default-error-policy-retry-job.patch @@ -1,4 +1,4 @@ -From 0483b918940fd5f63975fbc6069e14276e31b19f Mon Sep 17 00:00:00 2001 +From b279566faab9d507015d4b9f08eb81cc280dd861 Mon Sep 17 00:00:00 2001 From: Martin Pitt <martin.pitt@ubuntu.com> Date: Tue, 9 Aug 2016 18:11:47 +0200 Subject: Set default job error policy to "retry-job", since it is less diff --git a/debian/patches/cups-snmp-oids-device-id-hp-ricoh.patch b/debian/patches/cups-snmp-oids-device-id-hp-ricoh.patch index f0f6073ba..a075f36aa 100644 --- a/debian/patches/cups-snmp-oids-device-id-hp-ricoh.patch +++ b/debian/patches/cups-snmp-oids-device-id-hp-ricoh.patch @@ -1,4 +1,4 @@ -From 653baf017212efc60e7ac971c238881bd6bdcd42 Mon Sep 17 00:00:00 2001 +From c12301c662bafd89fe50b70de6c5162a8b8113ef Mon Sep 17 00:00:00 2001 From: Tim Waugh <twaugh@redhat.com> Date: Tue, 9 Aug 2016 18:11:30 +0200 Subject: Let the "snmp" backend also use the manufacturer-specific diff --git a/debian/patches/cupsd-set-default-for-SyncOnClose-to-Yes.patch b/debian/patches/cupsd-set-default-for-SyncOnClose-to-Yes.patch index 78bab5336..2191d0352 100644 --- a/debian/patches/cupsd-set-default-for-SyncOnClose-to-Yes.patch +++ b/debian/patches/cupsd-set-default-for-SyncOnClose-to-Yes.patch @@ -1,4 +1,4 @@ -From 762841e50eafdd7e5083262308034ead54442aea Mon Sep 17 00:00:00 2001 +From 9059ef12c34a6e243ddae116f3cd14236ae73d84 Mon Sep 17 00:00:00 2001 From: Tim Waugh <twaugh@redhat.com> Date: Tue, 9 Aug 2016 18:11:46 +0200 Subject: Set the default for SyncOnClose to Yes diff --git a/debian/patches/debianize_cups-config.patch b/debian/patches/debianize_cups-config.patch index 01b453050..d7d9ffd99 100644 --- a/debian/patches/debianize_cups-config.patch +++ b/debian/patches/debianize_cups-config.patch @@ -1,4 +1,4 @@ -From d178c738513206c0183ed808d08645b7ed16bde3 Mon Sep 17 00:00:00 2001 +From d09044aada6ea3155dad431083b280d97cca8c9d Mon Sep 17 00:00:00 2001 From: Didier Raboud <odyx@debian.org> Date: Tue, 9 Aug 2016 18:11:49 +0200 Subject: Use dpkg-architecture in cups-config to make it diff --git a/debian/patches/default_log_settings.patch b/debian/patches/default_log_settings.patch index a51a7ccc6..01916747b 100644 --- a/debian/patches/default_log_settings.patch +++ b/debian/patches/default_log_settings.patch @@ -1,4 +1,4 @@ -From 97c108f0306b3e35bd704eec918e89e8f3c87de4 Mon Sep 17 00:00:00 2001 +From b30fef90d7bb5fe6f8737a264a22a7f2384adb11 Mon Sep 17 00:00:00 2001 From: Didier Raboud <odyx@debian.org> Date: Tue, 9 Aug 2016 18:11:40 +0200 Subject: Deactivate CUPS' own log rotating as the system already provides a diff --git a/debian/patches/do-not-broadcast-with-hostnames.patch b/debian/patches/do-not-broadcast-with-hostnames.patch index 73630689d..01bb5991c 100644 --- a/debian/patches/do-not-broadcast-with-hostnames.patch +++ b/debian/patches/do-not-broadcast-with-hostnames.patch @@ -1,4 +1,4 @@ -From 1c9aacb0071bfd15a9b278e4339324345cf33b1b Mon Sep 17 00:00:00 2001 +From d0c73e2c646a4bcc8f7f3ce7955aa68060b72aa9 Mon Sep 17 00:00:00 2001 From: Till Kampetter <till.kampetter@gmail.com> Date: Tue, 9 Aug 2016 18:11:35 +0200 Subject: Do not use host names for broadcasting print queues and diff --git a/debian/patches/drop_unnecessary_dependencies.patch b/debian/patches/drop_unnecessary_dependencies.patch index b341543e6..435a68050 100644 --- a/debian/patches/drop_unnecessary_dependencies.patch +++ b/debian/patches/drop_unnecessary_dependencies.patch @@ -1,4 +1,4 @@ -From 9b521dc8c038f6ab2752bc2007c8ab4b44323356 Mon Sep 17 00:00:00 2001 +From c08f77e7b10b20b165b016630673fcc995c3af43 Mon Sep 17 00:00:00 2001 From: Martin Pitt <mpitt@debian.org> Date: Tue, 9 Aug 2016 18:11:25 +0200 Subject: Do not link libcups.so and libcupsimage.so against diff --git a/debian/patches/log-debug-history-nearly-unlimited.patch b/debian/patches/log-debug-history-nearly-unlimited.patch index 5fca291e3..ebfb4041c 100644 --- a/debian/patches/log-debug-history-nearly-unlimited.patch +++ b/debian/patches/log-debug-history-nearly-unlimited.patch @@ -1,4 +1,4 @@ -From b364d933443ef4dbda67fd3faf75641dc86e142a Mon Sep 17 00:00:00 2001 +From 7a74f6bea31a411f6b4abad35f65e0fa6b6d027d Mon Sep 17 00:00:00 2001 From: Till Kampetter <till.kampetter@gmail.com> Date: Tue, 9 Aug 2016 18:11:45 +0200 Subject: Make log debug history nearly unlimited diff --git a/debian/patches/logfiles_adm_readable.patch b/debian/patches/logfiles_adm_readable.patch index 058e9dc2e..92008bd61 100644 --- a/debian/patches/logfiles_adm_readable.patch +++ b/debian/patches/logfiles_adm_readable.patch @@ -1,4 +1,4 @@ -From 3cfc3305864f324af844580c83a8a973e46c0d5f Mon Sep 17 00:00:00 2001 +From 7f79135753e153d40f07e3cc1f95c1f7d1899e4c Mon Sep 17 00:00:00 2001 From: Martin Pitt <mpitt@debian.org> Date: Tue, 9 Aug 2016 18:11:38 +0200 Subject: Make log files readable to group "adm", if present. diff --git a/debian/patches/man-cups-lpd-drop-dangling-references.patch b/debian/patches/man-cups-lpd-drop-dangling-references.patch index 08773112b..9e1f0c3f9 100644 --- a/debian/patches/man-cups-lpd-drop-dangling-references.patch +++ b/debian/patches/man-cups-lpd-drop-dangling-references.patch @@ -1,4 +1,4 @@ -From 018290b8288a23d8ecf1d61c8a26aaf09b2f86d7 Mon Sep 17 00:00:00 2001 +From 4f009c7df705466dd6a69c087c6b548d3bc9e25a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <bastien.roucaries@u-cergy.fr> Date: Tue, 9 Aug 2016 18:11:48 +0200 Subject: Drop dangling references from cups-lpd.man diff --git a/debian/patches/manpage-translations.patch b/debian/patches/manpage-translations.patch index e9a86c3ba..c85be2e35 100644 --- a/debian/patches/manpage-translations.patch +++ b/debian/patches/manpage-translations.patch @@ -1,4 +1,4 @@ -From 145b38346c4db876915a426f2f921a75bdd4f966 Mon Sep 17 00:00:00 2001 +From d8ce1e7f130c773f37fd63f33cf85a8847d90177 Mon Sep 17 00:00:00 2001 From: Didier Raboud <odyx@debian.org> Date: Tue, 9 Aug 2016 18:11:50 +0200 Subject: po4a infrastructure and translations for manpages. diff --git a/debian/patches/move-cupsd-conf-default-to-share.patch b/debian/patches/move-cupsd-conf-default-to-share.patch index fffabc577..a230dcf5a 100644 --- a/debian/patches/move-cupsd-conf-default-to-share.patch +++ b/debian/patches/move-cupsd-conf-default-to-share.patch @@ -1,4 +1,4 @@ -From 68de1d5dce843e71426eacad8500dc7da081cdb0 Mon Sep 17 00:00:00 2001 +From 1f4f6676f85dd3b5722ac497c45d389bee78843f Mon Sep 17 00:00:00 2001 From: Didier Raboud <odyx@debian.org> Date: Tue, 9 Aug 2016 18:11:24 +0200 Subject: Move cupsd.conf.default from SERVERROOT to DATADIR diff --git a/debian/patches/no-conffile-timestamp.patch b/debian/patches/no-conffile-timestamp.patch index 44f1f350d..85023087f 100644 --- a/debian/patches/no-conffile-timestamp.patch +++ b/debian/patches/no-conffile-timestamp.patch @@ -1,4 +1,4 @@ -From bfae1b7b1ab669e863c400ccc7f265ea4bf3dc1c Mon Sep 17 00:00:00 2001 +From b88322fe28a6cec1f13b625e40b43569bdeb7cd6 Mon Sep 17 00:00:00 2001 From: Joey Hess <joeyh@debian.org> Date: Tue, 9 Aug 2016 18:11:31 +0200 Subject: Disable time stamps in conffiles, to avoid ever-changing files in diff --git a/debian/patches/printer-filtering.patch b/debian/patches/printer-filtering.patch index a80b3f0b3..6a6fa8455 100644 --- a/debian/patches/printer-filtering.patch +++ b/debian/patches/printer-filtering.patch @@ -1,4 +1,4 @@ -From 7e9229575d043043d6ad34d0b16d8f56f879b844 Mon Sep 17 00:00:00 2001 +From 1d1724494b47d79f49729a26fa6df1bbb8ad593c Mon Sep 17 00:00:00 2001 From: Julien Desfossez at Revolution Linux <Julien Desfossez at Revolution Linux> Date: Tue, 9 Aug 2016 18:11:42 +0200 @@ -13,7 +13,7 @@ Patch-Name: printer-filtering.patch 1 file changed, 116 insertions(+) diff --git a/cups/ipp.c b/cups/ipp.c -index a93e1e921..abb80b15a 100644 +index 57d962058..17273eee3 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -2739,6 +2739,120 @@ ippNew(void) diff --git a/debian/patches/reactivate_recommended_driver.patch b/debian/patches/reactivate_recommended_driver.patch index 6cbaa08f5..dba949403 100644 --- a/debian/patches/reactivate_recommended_driver.patch +++ b/debian/patches/reactivate_recommended_driver.patch @@ -1,4 +1,4 @@ -From b28d3b493025f9952fcc049bbebd45518c2238d8 Mon Sep 17 00:00:00 2001 +From 8e2c33e5580c44a92201c452f1d4a823cf57b694 Mon Sep 17 00:00:00 2001 From: Till Kampetter <till.kampetter@gmail.com> Date: Tue, 9 Aug 2016 18:11:36 +0200 Subject: CUPS removes the "(recommended)" comments of the NickNames of diff --git a/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch b/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch index 8ea52b92d..63895bed3 100644 --- a/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch +++ b/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch @@ -1,4 +1,4 @@ -From 5082c6ec26696a170ce0587e4244b7bda3feb14a Mon Sep 17 00:00:00 2001 +From 5ec26c435b0b91e926c932a3deeb257c2aa3be9a Mon Sep 17 00:00:00 2001 From: Till Kamppeter <till.kamppeter@gmail.com> Date: Tue, 9 Aug 2016 18:11:27 +0200 Subject: Make CUPS reading all option settings in PostScript print @@ -19,10 +19,10 @@ Patch-Name: read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs. 1 file changed, 84 insertions(+) diff --git a/scheduler/ipp.c b/scheduler/ipp.c -index d4e092d65..9ee8942b3 100644 +index d1c6a89fb..d1b9140d3 100644 --- a/scheduler/ipp.c +++ b/scheduler/ipp.c -@@ -8699,6 +8699,11 @@ read_job_ticket(cupsd_client_t *con) /* I - Client connection */ +@@ -8721,6 +8721,11 @@ read_job_ticket(cupsd_client_t *con) /* I - Client connection */ ipp_attribute_t *attr, /* Current attribute */ *attr2, /* Job attribute */ *prev2; /* Previous job attribute */ @@ -34,7 +34,7 @@ index d4e092d65..9ee8942b3 100644 /* -@@ -8759,6 +8764,85 @@ read_job_ticket(cupsd_client_t *con) /* I - Client connection */ +@@ -8781,6 +8786,85 @@ read_job_ticket(cupsd_client_t *con) /* I - Client connection */ num_options = cupsParseOptions(line + 15, num_options, &options); } diff --git a/debian/patches/removecvstag.patch b/debian/patches/removecvstag.patch index af99ab412..6b41800a5 100644 --- a/debian/patches/removecvstag.patch +++ b/debian/patches/removecvstag.patch @@ -1,4 +1,4 @@ -From 0ee69706132710d221891f13aaa8f369f6683691 Mon Sep 17 00:00:00 2001 +From 9da2c1b91d2bfffd9ee2f1511fcf64533c8764f6 Mon Sep 17 00:00:00 2001 From: Kenshi Muto <kmuto@debian.org> Date: Tue, 9 Aug 2016 18:11:33 +0200 Subject: Do not write VCS tags into installed conffiles diff --git a/debian/patches/rename-systemd-units.patch b/debian/patches/rename-systemd-units.patch index 0e19fb3c9..cbb704cf3 100644 --- a/debian/patches/rename-systemd-units.patch +++ b/debian/patches/rename-systemd-units.patch @@ -1,4 +1,4 @@ -From a0bd697237cc5a45fc91d50f9c9626bd62160504 Mon Sep 17 00:00:00 2001 +From 4fbb56d0592ec5a202fdaf3c2f656349dbf074c3 Mon Sep 17 00:00:00 2001 From: Didier Raboud <odyx@debian.org> Date: Tue, 9 Aug 2016 18:11:34 +0200 Subject: Rename the systemd service file from org.cups.cups.* to cups.* diff --git a/debian/patches/series b/debian/patches/series index be6da2c57..393da2f11 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -13,7 +13,7 @@ tests-fix-ppdLocalize-on-unclean-env.patch tests-use-ipv4-lo-address.patch tests-make-lpstat-call-reproducible.patch tests-no-pdftourf.patch -0016-Revert-Generalize-the-input-validation-of-some-kinds.patch +0016-Fix-regressions-in-ippValidateAttribute-Issue-5322-I.patch move-cupsd-conf-default-to-share.patch drop_unnecessary_dependencies.patch read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch diff --git a/debian/patches/show-compile-command-lines.patch b/debian/patches/show-compile-command-lines.patch index 4cae19d84..4cef157a8 100644 --- a/debian/patches/show-compile-command-lines.patch +++ b/debian/patches/show-compile-command-lines.patch @@ -1,4 +1,4 @@ -From 6d82eb7cd6af4178e1c2501e8ba90446644cc14e Mon Sep 17 00:00:00 2001 +From 3029e559bb41890f0c9a7cc2efa73687772f39b9 Mon Sep 17 00:00:00 2001 From: Till Kampetter <till.kampetter@gmail.com> Date: Tue, 9 Aug 2016 18:11:43 +0200 Subject: Show compile command lines diff --git a/debian/patches/tests-no-pdftourf.patch b/debian/patches/tests-no-pdftourf.patch index 66646fc53..73a551bfa 100644 --- a/debian/patches/tests-no-pdftourf.patch +++ b/debian/patches/tests-no-pdftourf.patch @@ -1,7 +1,7 @@ -From a5eec0f9aacb302e6559e642936b520139d2a9e5 Mon Sep 17 00:00:00 2001 +From d6f92953b4e8bddafeae068fe5e9005dcf4b30f9 Mon Sep 17 00:00:00 2001 From: Michael Sweet <michael.r.sweet@gmail.com> Date: Tue, 9 Aug 2016 18:11:23 +0200 -Subject: revert commit 830cfed95a5349b008999eebd34f5233bc35829c +Subject: Revert pdftourf filter addition in tests "Update "make test" to include alternate filter." . diff --git a/scheduler/ipp.c b/scheduler/ipp.c index 9ee8942b3..d1b9140d3 100644 --- a/scheduler/ipp.c +++ b/scheduler/ipp.c @@ -5873,7 +5873,26 @@ create_subscriptions( } if (recipient) + { cupsdLogMessage(CUPSD_LOG_DEBUG, "recipient=\"%s\"", recipient); + + + if (!strncmp(recipient, "mailto:", 7) && user_data) + { + char temp[64]; /* Temporary string */ + + memcpy(temp, user_data->values[0].unknown.data, user_data->values[0].unknown.length); + temp[user_data->values[0].unknown.length] = '\0'; + + if (httpSeparateURI(HTTP_URI_CODING_ALL, temp, scheme, sizeof(scheme), userpass, sizeof(userpass), host, sizeof(host), &port, resource, sizeof(resource)) < HTTP_URI_OK) + { + send_ipp_status(con, IPP_NOT_POSSIBLE, _("Bad notify-user-data \"%s\"."), temp); + ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_ENUM, "notify-status-code", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES); + return; + } + } + } + if (pullmethod) cupsdLogMessage(CUPSD_LOG_DEBUG, "pullmethod=\"%s\"", pullmethod); cupsdLogMessage(CUPSD_LOG_DEBUG, "notify-lease-duration=%d", lease); @@ -7969,13 +7988,16 @@ hold_job(cupsd_client_t *con, /* I - Client connection */ * Hold the job and return... */ - if ((attr = ippFindAttribute(con->request, "job-hold-until", - IPP_TAG_KEYWORD)) == NULL) - attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_NAME); - - if (attr) + if ((attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_ZERO)) != NULL) { - when = attr->values[0].string.text; + if ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1 || !ippValidateAttribute(attr)) + { + send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); + ippCopyAttribute(con->response, attr, 0); + return; + } + + when = ippGetString(attr, 0, NULL); cupsdAddEvent(CUPSD_EVENT_JOB_CONFIG_CHANGED, cupsdFindDest(job->dest), job, "Job job-hold-until value changed by user."); @@ -10423,7 +10445,39 @@ set_job_attrs(cupsd_client_t *con, /* I - Client connection */ continue; } - if (!strcmp(attr->name, "job-priority")) + if (!ippValidateAttribute(attr)) + { + send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Bad '%s' value."), attr->name); + ippCopyAttribute(con->response, attr, 0); + return; + } + + if (!strcmp(attr->name, "job-hold-until")) + { + const char *when = ippGetString(attr, 0, NULL); + /* job-hold-until value */ + + if ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1) + { + send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); + ippCopyAttribute(con->response, attr, 0); + return; + } + + cupsdLogJob(job, CUPSD_LOG_DEBUG, "Setting job-hold-until to %s", when); + cupsdSetJobHoldUntil(job, when, 0); + + if (!strcmp(when, "no-hold")) + { + cupsdReleaseJob(job); + check_jobs = 1; + } + else + cupsdSetJobState(job, IPP_JOB_HELD, CUPSD_JOB_DEFAULT, "Job held by \"%s\".", username); + + event |= CUPSD_EVENT_JOB_CONFIG_CHANGED | CUPSD_EVENT_JOB_STATE; + } + else if (!strcmp(attr->name, "job-priority")) { /* * Change the job priority... @@ -10543,28 +10597,6 @@ set_job_attrs(cupsd_client_t *con, /* I - Client connection */ */ ippCopyAttribute(job->attrs, attr, 0); - - /* - * See if the job-name or job-hold-until is being changed. - */ - - if (!strcmp(attr->name, "job-hold-until")) - { - cupsdLogJob(job, CUPSD_LOG_DEBUG, "Setting job-hold-until to %s", - attr->values[0].string.text); - cupsdSetJobHoldUntil(job, attr->values[0].string.text, 0); - - if (!strcmp(attr->values[0].string.text, "no-hold")) - { - cupsdReleaseJob(job); - check_jobs = 1; - } - else - cupsdSetJobState(job, IPP_JOB_HELD, CUPSD_JOB_DEFAULT, - "Job held by \"%s\".", username); - - event |= CUPSD_EVENT_JOB_CONFIG_CHANGED | CUPSD_EVENT_JOB_STATE; - } } else if (attr->value_tag == IPP_TAG_DELETEATTR) { @@ -11383,80 +11415,34 @@ validate_job(cupsd_client_t *con, /* I - Client connection */ } /* + * Is the job-hold-until value valid? + */ + + if ((attr = ippFindAttribute(con->request, "job-hold-until", IPP_TAG_ZERO)) != NULL && ((ippGetValueTag(attr) != IPP_TAG_KEYWORD && ippGetValueTag(attr) != IPP_TAG_NAME && ippGetValueTag(attr) != IPP_TAG_NAMELANG) || ippGetCount(attr) != 1 || !ippValidateAttribute(attr))) + { + send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-hold-until' value.")); + ippCopyAttribute(con->response, attr, 0); + return; + } + + /* * Is the job-name valid? */ if ((name = ippFindAttribute(con->request, "job-name", IPP_TAG_ZERO)) != NULL) { - int bad_name = 0; /* Is the job-name value bad? */ - if ((name->value_tag != IPP_TAG_NAME && name->value_tag != IPP_TAG_NAMELANG) || - name->num_values != 1) - { - bad_name = 1; - } - else - { - /* - * Validate that job-name conforms to RFC 5198 (Network Unicode) and - * IPP Everywhere requirements for "name" values... - */ - - const unsigned char *nameptr; /* Pointer into "job-name" attribute */ - - for (nameptr = (unsigned char *)name->values[0].string.text; - *nameptr; - nameptr ++) - { - if (*nameptr < ' ' && *nameptr != '\t') - break; - else if (*nameptr == 0x7f) - break; - else if ((*nameptr & 0xe0) == 0xc0) - { - if ((nameptr[1] & 0xc0) != 0x80) - break; - - nameptr ++; - } - else if ((*nameptr & 0xf0) == 0xe0) - { - if ((nameptr[1] & 0xc0) != 0x80 || - (nameptr[2] & 0xc0) != 0x80) - break; - - nameptr += 2; - } - else if ((*nameptr & 0xf8) == 0xf0) - { - if ((nameptr[1] & 0xc0) != 0x80 || - (nameptr[2] & 0xc0) != 0x80 || - (nameptr[3] & 0xc0) != 0x80) - break; - - nameptr += 3; - } - else if (*nameptr & 0x80) - break; - } - - if (*nameptr) - bad_name = 1; - } - - if (bad_name) + name->num_values != 1 || !ippValidateAttribute(name)) { if (StrictConformance) { - send_ipp_status(con, IPP_ATTRIBUTES, - _("Unsupported 'job-name' value.")); + send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("Unsupported 'job-name' value.")); ippCopyAttribute(con->response, name, 0); return; } else { - cupsdLogMessage(CUPSD_LOG_WARN, - "Unsupported 'job-name' value, deleting from request."); + cupsdLogMessage(CUPSD_LOG_WARN, "Unsupported 'job-name' value, deleting from request."); ippDeleteAttribute(con->request, name); } } |