Diffstat (limited to 'print/cups/patches/patch-scheduler_client.c')
-rw-r--r--print/cups/patches/patch-scheduler_client.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/print/cups/patches/patch-scheduler_client.c b/print/cups/patches/patch-scheduler_client.c
new file mode 100644
index 00000000000..8822cf2c6b7
--- /dev/null
+++ b/print/cups/patches/patch-scheduler_client.c
@@ -0,0 +1,22 @@
+$NetBSD: patch-scheduler_client.c,v 1.1.2.2 2014/05/16 14:30:01 tron Exp $
+
+Fix for CVE-2014-2856 from
+http://www.cups.org/str.php?L4356
+
+--- scheduler/client.c.orig 2012-03-07 06:05:39.000000000 +0000
++++ scheduler/client.c
+@@ -4075,6 +4075,14 @@ is_path_absolute(const char *path) /* I
+ return (0);
+
+ /*
++ * Check for "<" or quotes in the path and reject since this is probably
++ * someone trying to inject HTML...
++ */
++
++ if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)
++ return (0);
++
++ /*
+ * Check for "/.." in the path...
+ */
+
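Review bot: The new check added to is_path_absolute (lines L27-L33 of the nested hunk) is a denylist of exactly three characters, `<`, `"` and `'`, chosen to match the reported HTML-injection case; other markup-significant characters such as `>` and `&` still pass, so this closes the reported vector rather than validating what the path may contain. If the value reaching this function is a request path from the network, which the function name and the hunk's own comment suggest but the hunk does not show, an allowlist of permitted path characters would be harder to bypass than extending the denylist, though that is a wider change than the vendor fix this patch mirrors. The three strchr() calls can be written as one `if (strpbrk(path, "<\"'") != NULL) return (0);`, and the comment would be more useful to a future maintainer as `/* Reject '<' and quote characters: see CVE-2014-2856 (STR #4356) */`. The enclosing function starts and ends outside the hunk.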