From 33f9d9fbce0fec2aa8683ac9111ad93f5230f1d6 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 05 2022 10:56:27 +0000 Subject: import cups-2.3.3op2-13.el9 --- diff --git a/SOURCES/0001-cups-http-encode-memleaks-fixes-issue-322.patch b/SOURCES/0001-cups-http-encode-memleaks-fixes-issue-322.patch new file mode 100644 index 0000000..2dbfb7e --- /dev/null +++ b/SOURCES/0001-cups-http-encode-memleaks-fixes-issue-322.patch @@ -0,0 +1,53 @@ +From d9924186325c89aefa56e36258f56f246dd2c4ad Mon Sep 17 00:00:00 2001 +From: Richard Lescak +Date: Tue, 11 Jan 2022 10:53:34 +0100 +Subject: [PATCH] cups/http.c,encode.c: Fix memory leaks + +--- + CHANGES.md | 3 ++- + cups/encode.c | 1 + + cups/http.c | 1 + + 3 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/cups/encode.c b/cups/encode.c +index 5bcbf6fe5..15b1c6b40 100644 +--- a/cups/encode.c ++++ b/cups/encode.c +@@ -655,6 +655,7 @@ _cupsEncodeOption( + ippSetCollection(ipp, &attr, i, collection); + cupsEncodeOptions2(collection, num_cols, cols, IPP_TAG_JOB); + cupsFreeOptions(num_cols, cols); ++ ippDelete(collection); + break; + + default : +diff --git a/cups/http.c b/cups/http.c +index bd41e6f8e..4b6a24bd3 100644 +--- a/cups/http.c ++++ b/cups/http.c +@@ -4624,6 +4624,7 @@ http_tls_upgrade(http_t *http) /* I - HTTP connection */ + * Restore the HTTP request data... + */ + ++ httpClearFields(http); + memcpy(http->_fields, myhttp._fields, sizeof(http->_fields)); + memcpy(http->fields, myhttp.fields, sizeof(http->fields)); + +diff --git a/cups/ppd.c b/cups/ppd.c +index 525df3592..54368ac4c 100644 +--- a/cups/ppd.c ++++ b/cups/ppd.c +@@ -3430,12 +3430,12 @@ ppd_update_filters(ppd_file_t *ppd, /* I - PPD file */ + srctype[256], + dstsuper[16], /* Destination MIME media type */ + dsttype[256], +- program[1024], /* Command to run */ + *ptr, /* Pointer into command to run */ + buffer[1024], /* Re-written cupsFilter value */ + **filter; /* Current filter */ + int cost; /* Cost of filter */ + ++ char program[1024] = { 0 }; /* Command to run */ + + DEBUG_printf(("4ppd_update_filters(ppd=%p, cg=%p)", ppd, pg)); + diff --git a/SPECS/cups.spec b/SPECS/cups.spec index c704557..8b0b442 100644 --- a/SPECS/cups.spec +++ b/SPECS/cups.spec @@ -17,7 +17,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.3.3%{OP_VER} -Release: 11%{?dist} +Release: 13%{?dist} License: ASL 2.0 Url: http://www.cups.org/ # Apple stopped uploading the new versions into github, use OpenPrinting fork @@ -94,6 +94,9 @@ Patch23: 0001-Add-with-idle-exit-timeout-configure-option.patch Patch24: 0001-Add-with-systemd-timeoutstartsec-configure-option.patch # 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5 Patch25: cups-fips-restrict-md5.patch +# Memory leak fixes (bug #1964975) +# https://github.com/OpenPrinting/cups/pull/322 +Patch26: 0001-cups-http-encode-memleaks-fixes-issue-322.patch ##### Patches removed because IMHO they aren't no longer needed @@ -320,6 +323,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch24 -p1 -b .conf-timeoutstartsec # 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5 %patch25 -p1 -b .restrict-md5 +# 1964975 - Memory leak fixes +%patch26 -p1 -b .memleak-fixes %if %{lspp} @@ -744,6 +749,12 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Thu Feb 24 2022 Richard Lescak - 1:2.3.3op2-13 +- 1964975 - added fix for uninit jump into the leaks patch + +* Wed Jan 12 2022 Richard Lescak - 1:2.3.3op2-12 +- 1964975 - memory leaks in http_tls_upgrade() and _cupsEncodeOption() + * Mon Dec 06 2021 Zdenek Dohnal - 1:2.3.3op2-11 - 1935051 - [FIPS] cups library can use sha-1 and uses internal MD5