]>
Commit | Line | Data |
---|---|---|
7b3d0e7f JB |
1 | CAN-2004-0923 fix (taken from Debian) |
2 | --- cupsys-1.1.14.orig/scheduler/ipp.c | |
3 | +++ cupsys-1.1.14/scheduler/ipp.c | |
4 | @@ -1134,7 +1165,9 @@ | |
5 | } | |
6 | ||
7 | LogMessage(L_INFO, "Setting %s device-uri to \"%s\" (was \"%s\".)", | |
8 | - printer->name, attr->values[0].string.text, printer->device_uri); | |
9 | + printer->name, | |
10 | + cupsdSanitizeURI(attr->values[0].string.text, line, sizeof(line)), | |
11 | + cupsdSanitizeURI(printer->device_uri, resource, sizeof(resource))); | |
12 | ||
13 | strncpy(printer->device_uri, attr->values[0].string.text, | |
14 | sizeof(printer->device_uri) - 1); | |
15 | --- cupsys-1.1.14.orig/scheduler/job.c | |
16 | +++ cupsys-1.1.14/scheduler/job.c | |
17 | @@ -1053,6 +1053,7 @@ | |
18 | classification[1024], /* CLASSIFICATION environment variable */ | |
19 | content_type[255],/* CONTENT_TYPE environment variable */ | |
20 | device_uri[1024],/* DEVICE_URI environment variable */ | |
21 | + sani_uri[1024], /* Sanitized DEVICE_URI env var */ | |
22 | ppd[1024], /* PPD environment variable */ | |
23 | printer_name[255],/* PRINTER environment variable */ | |
24 | root[1024], /* CUPS_SERVERROOT environment variable */ | |
25 | @@ -1470,13 +1471,13 @@ | |
26 | envp[16] = classification; | |
27 | envp[17] = NULL; | |
28 | ||
29 | - LogMessage(L_DEBUG, "StartJob: envp = \"%s\",\"%s\",\"%s\",\"%s\"," | |
30 | - "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"," | |
31 | - "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"", | |
32 | - envp[0], envp[1], envp[2], envp[3], envp[4], | |
33 | - envp[5], envp[6], envp[7], envp[8], envp[9], | |
34 | - envp[10], envp[11], envp[12], envp[13], envp[14], | |
35 | - envp[15], envp[16]); | |
36 | + for (i = 0; i < 17; i ++) | |
37 | + if (strncmp(envp[i], "DEVICE_URI=", 11)) | |
38 | + LogMessage(L_DEBUG, "StartJob: envp[%d]=\"%s\"", i, envp[i]); | |
39 | + else | |
40 | + LogMessage(L_DEBUG, "StartJob: envp[%d]=\"DEVICE_URI=%s\"", i, | |
41 | + cupsdSanitizeURI(printer->device_uri, sani_uri, | |
42 | + sizeof(sani_uri))); | |
43 | ||
44 | current->current_file ++; | |
45 | ||
46 | --- cupsys-1.1.14.orig/scheduler/printers.c | |
47 | +++ cupsys-1.1.14/scheduler/printers.c | |
48 | @@ -39,6 +39,7 @@ | |
49 | * changed. | |
50 | * StopPrinter() - Stop a printer from printing any jobs... | |
51 | * ValidateDest() - Validate a printer/class destination. | |
52 | + * cupsdSanitizeURI() - Sanitize a device URI... | |
53 | * write_irix_config() - Update the config files used by the IRIX | |
54 | * desktop tools. | |
55 | * write_irix_state() - Update the status files used by IRIX printing | |
56 | @@ -828,11 +829,7 @@ | |
57 | SetPrinterAttrs(printer_t *p) /* I - Printer to setup */ | |
58 | { | |
59 | char uri[HTTP_MAX_URI]; /* URI for printer */ | |
60 | - char method[HTTP_MAX_URI], /* Method portion of URI */ | |
61 | - username[HTTP_MAX_URI], /* Username portion of URI */ | |
62 | - host[HTTP_MAX_URI], /* Host portion of URI */ | |
63 | - resource[HTTP_MAX_URI]; /* Resource portion of URI */ | |
64 | - int port; /* Port portion of URI */ | |
65 | + char resource[HTTP_MAX_URI]; /* Resource portion of URI */ | |
66 | int i; /* Looping var */ | |
67 | char filename[1024]; /* Name of PPD file */ | |
68 | int num_media; /* Number of media options */ | |
69 | @@ -1171,12 +1168,7 @@ | |
70 | * http://..., ipp://..., etc. | |
71 | */ | |
72 | ||
73 | - httpSeparate(p->device_uri, method, username, host, &port, resource); | |
74 | - if (port) | |
75 | - snprintf(uri, sizeof(uri), "%s://%s:%d%s", method, host, port, | |
76 | - resource); | |
77 | - else | |
78 | - snprintf(uri, sizeof(uri), "%s://%s%s", method, host, resource); | |
79 | + cupsdSanitizeURI(p->device_uri, uri, sizeof(uri)); | |
80 | } | |
81 | else | |
82 | { | |
83 | @@ -1795,6 +1787,83 @@ | |
84 | } | |
85 | ||
86 | ||
87 | +/* | |
88 | + * 'cupsdSanitizeURI()' - Sanitize a device URI... | |
89 | + */ | |
90 | + | |
91 | +char * /* O - New device URI */ | |
92 | +cupsdSanitizeURI(const char *uri, /* I - Original device URI */ | |
93 | + char *buffer, /* O - New device URI */ | |
94 | + int buflen) /* I - Size of new device URI buffer */ | |
95 | +{ | |
96 | + char *start, /* Start of data after scheme */ | |
97 | + *slash, /* First slash after scheme:// */ | |
98 | + *ptr; /* Pointer into user@host:port part */ | |
99 | + | |
100 | + | |
101 | + /* | |
102 | + * Range check input... | |
103 | + */ | |
104 | + | |
105 | + if (!uri || !buffer || buflen < 2) | |
106 | + return (NULL); | |
107 | + | |
108 | + /* | |
109 | + * Copy the device URI to the new buffer... | |
110 | + */ | |
111 | + | |
112 | + strncpy(buffer, uri, buflen-1); | |
113 | + buffer[buflen-1] = '\0'; | |
114 | + | |
115 | + /* | |
116 | + * Find the end of the scheme:// part... | |
117 | + */ | |
118 | + | |
119 | + if ((ptr = strchr(buffer, ':')) == NULL) | |
120 | + return (buffer); /* No scheme: part... */ | |
121 | + | |
122 | + for (start = ptr + 1; *start; start ++) | |
123 | + if (*start != '/') | |
124 | + break; | |
125 | + | |
126 | + /* | |
127 | + * Find the next slash (/) in the URI... | |
128 | + */ | |
129 | + | |
130 | + if ((slash = strchr(start, '/')) == NULL) | |
131 | + slash = start + strlen(start); /* No slash, point to the end */ | |
132 | + | |
133 | + /* | |
134 | + * Check for an @ sign before the slash... | |
135 | + */ | |
136 | + | |
137 | + if ((ptr = strchr(start, '@')) != NULL && ptr < slash) | |
138 | + { | |
139 | + /* | |
140 | + * Found an @ sign and it is before the resource part, so we have | |
141 | + * an authentication string. Copy the remaining URI over the | |
142 | + * authentication string... | |
143 | + */ | |
144 | + | |
145 | + /* cups_strcpy(start, ptr + 1); */ | |
146 | + | |
147 | + char *src = ptr + 1; | |
148 | + char *dst = start; | |
149 | + | |
150 | + while (*src) | |
151 | + *dst++ = *src++; | |
152 | + | |
153 | + *dst = '\0'; | |
154 | + } | |
155 | + | |
156 | + /* | |
157 | + * Return the new device URI... | |
158 | + */ | |
159 | + | |
160 | + return (buffer); | |
161 | + } | |
162 | + | |
163 | + | |
164 | #ifdef __sgi | |
165 | /* | |
166 | * 'write_irix_config()' - Update the config files used by the IRIX | |
167 | --- cupsys-1.1.14.orig/scheduler/printers.h | |
168 | +++ cupsys-1.1.14/scheduler/printers.h | |
169 | @@ -111,6 +111,9 @@ | |
170 | const char *resource, | |
171 | cups_ptype_t *dtype); | |
172 | ||
173 | +extern char *cupsdSanitizeURI(const char *uri, char *buffer, | |
174 | + int buflen); | |
175 | + | |
176 | ||
177 | /* | |
178 | * End of "$Id$". |