From a3d30ffb5b6e4400038e8cb10b74b434d270e16d Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Dec 10 2009 18:17:41 +0000 Subject: - Fixed invalid read in cupsAddDest (bug #547460). --- diff --git a/cups-str3448.patch b/cups-str3448.patch new file mode 100644 index 0000000..4233e7e --- /dev/null +++ b/cups-str3448.patch @@ -0,0 +1,16 @@ +diff -up cups-1.4.2/cups/dest.c.str3448 cups-1.4.2/cups/dest.c +--- cups-1.4.2/cups/dest.c.str3448 2009-08-28 23:54:34.000000000 +0100 ++++ cups-1.4.2/cups/dest.c 2009-12-10 18:15:50.910079549 +0000 +@@ -145,6 +145,12 @@ cupsAddDest(const char *name, /* I - + + dest = cups_add_dest(name, instance, &num_dests, dests); + ++ /* ++ * Find the base dest again now the array has been realloc'd. ++ */ ++ ++ parent = cupsGetDest(name, NULL, num_dests, *dests); ++ + if (instance && parent && parent->num_options > 0) + { + /* diff --git a/cups.spec b/cups.spec index 2a02eb3..43c0af9 100644 --- a/cups.spec +++ b/cups.spec @@ -9,7 +9,7 @@ Summary: Common Unix Printing System Name: cups Version: 1.4.2 -Release: 15%{?dist} +Release: 16%{?dist} License: GPLv2 Group: System Environment/Daemons Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2 @@ -28,6 +28,7 @@ Source15: textonly.ppd Patch1: cups-no-gzip-man.patch Patch2: cups-1.1.16-system-auth.patch Patch3: cups-multilib.patch +Patch4: cups-str3448.patch Patch5: cups-serial.patch Patch6: cups-banners.patch Patch7: cups-serverbin-compat.patch @@ -206,6 +207,7 @@ module. %patch1 -p1 -b .no-gzip-man %patch2 -p1 -b .system-auth %patch3 -p1 -b .multilib +%patch4 -p1 -b .str3448 %patch5 -p1 -b .serial %patch6 -p1 -b .banners %patch7 -p1 -b .serverbin-compat @@ -543,6 +545,9 @@ rm -rf $RPM_BUILD_ROOT %{php_extdir}/phpcups.so %changelog +* Thu Dec 10 2009 Tim Waugh - 1:1.4.2-16 +- Fixed invalid read in cupsAddDest (bug #547460). + * Wed Dec 9 2009 Tim Waugh - 1:1.4.2-15 - Use upstream patch to fix scheduler crash when an active printer was deleted (rev 8914).