Generalize the input validation of some kinds of attributes.

cups/ipp.c: - ippValidateAttribute: Do C0/DEL checks for name and text values, per IPP Everywhere. cups/testhttp.c: - Add URI test case containing a newline. scheduler/ipp.c: - create_subscriptions: Validate notify-user-data for mailto:. - hold_job: Validate job-hold-until. - set_job_attrs: Validate all attributes, specific checks for job-hold-until. - validate_job: Add missing job-hold-until validation, move job-name validation to ippValidateAttribute function.
author: Michael R Sweet <michael.r.sweet@gmail.com> 2018-05-11 12:02:27 -0700
committer: Michael R Sweet <michael.r.sweet@gmail.com> 2018-05-11 12:02:27 -0700
commit: 4c37eb9f77910f6f856fc540fc9a94a5885af17c (patch)
tree: 0049f352012b2f663743698ca532a7b3a0acf8a7 /cups
parent: 66021bfa9043961f0ace0b6a5a82d181d606e755 (diff)
2 files changed, 26 insertions, 35 deletions
diff --git a/cups/ipp.c b/cups/ipp.c
index 0adc3efcf..512ccd517 100644
--- a/cups/ipp.c
+++ b/cups/ipp.c
@@ -1,8 +1,8 @@
 /*
  * Internet Printing Protocol functions for CUPS.
  *
- * Copyright 2007-2017 by Apple Inc.
- * Copyright 1997-2007 by Easy Software Products, all rights reserved.
+ * Copyright © 2007-2018 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products, all rights reserved.
  *
  * These coded instructions, statements, and computer programs are the
  * property of Apple Inc. and are protected by Federal copyright
@@ -4812,21 +4812,6 @@ ippValidateAttribute(
   ipp_attribute_t *colattr;		/* Collection attribute */
   regex_t	re;			/* Regular expression */
   ipp_uchar_t	*date;			/* Current date value */
-  static const char * const uri_status_strings[] =
-  {					/* URI status strings */
-    "URI too large",
-    "Bad arguments to function",
-    "Bad resource in URI",
-    "Bad port number in URI",
-    "Bad hostname/address in URI",
-    "Bad username in URI",
-    "Bad scheme in URI",
-    "Bad/empty URI",
-    "OK",
-    "Missing scheme in URI",
-    "Unknown scheme in URI",
-    "Missing resource in URI"
-  };
 
 
  /*
@@ -5101,14 +5086,18 @@ ippValidateAttribute(
 	    }
 	    else if (*ptr & 0x80)
 	      break;
+	    else if ((*ptr < ' ' && *ptr != '\n' && *ptr != '\r' && *ptr != '\t') || *ptr == 0x7f)
+	      break;
 	  }
 
-	  if (*ptr)
+	  if (*ptr < ' ' || *ptr == 0x7f)
 	  {
-	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST,
-			  _("\"%s\": Bad text value \"%s\" - bad UTF-8 "
-			    "sequence (RFC 8011 section 5.1.2)."), attr->name,
-			  attr->values[i].string.text);
+	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text);
+	    return (0);
+	  }
+	  else if (*ptr)
+	  {
+	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text);
 	    return (0);
 	  }
 
@@ -5159,14 +5148,18 @@ ippValidateAttribute(
 	    }
 	    else if (*ptr & 0x80)
 	      break;
+	    else if (*ptr < ' ' || *ptr == 0x7f)
+	      break;
 	  }
 
-	  if (*ptr)
+	  if (*ptr < ' ' || *ptr == 0x7f)
 	  {
-	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST,
-			  _("\"%s\": Bad name value \"%s\" - bad UTF-8 "
-			    "sequence (RFC 8011 section 5.1.3)."), attr->name,
-			  attr->values[i].string.text);
+	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text);
+	    return (0);
+	  }
+	  else if (*ptr)
+	  {
+	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text);
 	    return (0);
 	  }
 
@@ -5223,12 +5216,7 @@ ippValidateAttribute(
 
 	  if (uri_status < HTTP_URI_STATUS_OK)
 	  {
-	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST,
-			  _("\"%s\": Bad URI value \"%s\" - %s "
-			    "(RFC 8011 section 5.1.6)."), attr->name,
-			  attr->values[i].string.text,
-			  uri_status_strings[uri_status -
-					     HTTP_URI_STATUS_OVERFLOW]);
+	    ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad URI value \"%s\" - %s (RFC 8011 section 5.1.6)."), attr->name, attr->values[i].string.text, httpURIStatusString(uri_status));
 	    return (0);
 	  }
 
diff --git a/cups/testhttp.c b/cups/testhttp.c
index 376d71f66..f53e09e33 100644
--- a/cups/testhttp.c
+++ b/cups/testhttp.c
@@ -1,8 +1,8 @@
 /*
  * HTTP test program for CUPS.
  *
- * Copyright 2007-2014 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2018 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
  * These coded instructions, statements, and computer programs are the
  * property of Apple Inc. and are protected by Federal copyright
@@ -180,6 +180,9 @@ static uri_test_t	uri_tests[] =	/* URI test data */
 			    HTTP_URI_CODING_MOST  },
 
 			  /* Bad resource */
+			  { HTTP_URI_STATUS_BAD_RESOURCE, "mailto:\r\nbla",
+			    "mailto", "", "", "", 0, 0,
+			    HTTP_URI_CODING_MOST  },
 			  { HTTP_URI_STATUS_BAD_RESOURCE, "http://server/index.html%",
 			    "http", "", "server", "", 80, 0,
 			    HTTP_URI_CODING_MOST  },
author	Michael R Sweet <michael.r.sweet@gmail.com>	2018-05-11 12:02:27 -0700
committer	Michael R Sweet <michael.r.sweet@gmail.com>	2018-05-11 12:02:27 -0700
commit	4c37eb9f77910f6f856fc540fc9a94a5885af17c (patch)
tree	0049f352012b2f663743698ca532a7b3a0acf8a7 /cups
parent	66021bfa9043961f0ace0b6a5a82d181d606e755 (diff)