Sisyphus repositório
Última atualização: 1 outubro 2023 | SRPMs: 18631 | Visitas: 37813694
en ru br
ALT Linux repositórios
S:2.4.7-alt1
5.0: 1.3.10-alt1
4.1: 1.3.10-alt0.M41.4
+updates:1.3.9-alt1.M41.1
4.0: 1.2.12-alt6.M40.9
+updates:1.2.12-alt6.M40.8
3.0: 1.1.20-alt14.1

Group :: Sistema/Servidores
RPM: cups

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs e FR  Repocop 

Patch: cups-1.2.12-CVE-2008-3641.patch
Download

diff -up cups-1.2.4/filter/hpgl-attr.c.CVE-2008-3641 cups-1.2.4/filter/hpgl-attr.c
--- cups-1.2.4/filter/hpgl-attr.c.CVE-2008-3641	2005-02-18 02:18:11.000000000 +0000
+++ cups-1.2.4/filter/hpgl-attr.c	2008-09-30 13:37:07.000000000 +0100
@@ -3,7 +3,7 @@
  *
  *   HP-GL/2 attribute processing for the Common UNIX Printing System (CUPS).
  *
- *   Copyright 1993-2005 by Easy Software Products.
+ *   Copyright 1993-2005, 2008 by Easy Software Products.
  *
  *   These coded instructions, statements, and computer programs are the
  *   property of Easy Software Products and are protected by Federal
@@ -205,8 +205,18 @@ NP_number_pens(int     num_params,	/* I 
 
   if (num_params == 0)
     PenCount = 8;
-  else if (num_params == 1 && params[0].value.number <= 1024)
-    PenCount = (int)params[0].value.number;
+  else if (num_params == 1)
+  {
+    if (params[0].value.number < 1 || params[0].value.number > MAX_PENS)
+    {
+      fprintf(stderr,
+	      "DEBUG: HP-GL/2 \'NP\' command with invalid number of "
+	      "pens (%d)!\n", (int)params[0].value.number);
+      PenCount = 8;
+    }
+    else
+      PenCount = (int)params[0].value.number;
+  }
   else
     fprintf(stderr, "WARNING: HP-GL/2 \'NP\' command with invalid number of parameters (%d)!\n",
             num_params);
@@ -242,7 +252,7 @@ PC_pen_color(int     num_params,	/* I - 
 
   if (num_params == 0)
   {
-    for (i = 0; i <= PenCount; i ++)
+    for (i = 0; i < PenCount; i ++)
       if (i < 8)
       {
         Pens[i].rgb[0] = standard_colors[i][0];
@@ -263,7 +273,14 @@ PC_pen_color(int     num_params,	/* I - 
   }
   else if (num_params == 1 || num_params == 4)
   {
-    i = (int)params[0].value.number;
+    i = (int)params[0].value.number - 1;
+
+    if (i < 0 || i >= PenCount)
+    {
+      fprintf(stderr,
+              "DEBUG: HP-GL/2 \'PC\' command with invalid pen (%d)!\n", i + 1);
+      return;
+    }
 
     if (num_params == 1)
     {
@@ -336,7 +353,15 @@ PW_pen_width(int     num_params,	/* I - 
 
   if (num_params == 2)
   {
-    pen = (int)params[1].value.number;
+    pen = (int)params[1].value.number - 1;
+
+    if (pen < 0 || pen >= PenCount)
+    {
+      fprintf(stderr,
+              "DEBUG: HP-GL/2 \'PW\' command with invalid pen (%d)!\n",
+	      pen + 1);
+      return;
+    }
 
     Pens[pen].width = w;
 
@@ -351,7 +376,7 @@ PW_pen_width(int     num_params,	/* I - 
     * Set width for all pens...
     */
 
-    for (pen = 0; pen <= PenCount; pen ++)
+    for (pen = 0; pen < PenCount; pen ++)
       Pens[pen].width = w;
 
     if (PageDirty)
@@ -404,12 +429,15 @@ SP_select_pen(int     num_params,	/* I -
               param_t *params)		/* I - Parameters */
 {
   if (num_params == 0)
-    PenNumber = 1;
-  else if (params[0].value.number <= PenCount)
-    PenNumber = (int)params[0].value.number;
+    PenNumber = 0;
+  else if (num_params > 1)
+    fprintf(stderr,
+	    "DEBUG: HP-GL/2 \'SP\' command with invalid number of parameters (%d)!\n", num_params);
+  else if (params[0].value.number <= 0 || params[0].value.number >= PenCount)
+    fprintf(stderr, "DEBUG: HP-GL/2 \'SP\' command with invalid pen (%d)!\n",
+	    (int)params[0].value.number);
   else
-    fprintf(stderr, "WARNING: HP-GL/2 \'SP\' command with invalid number or value of parameters (%d, %d)!\n",
-            num_params, (int)params[0].value.number);
+    PenNumber = (int)params[0].value.number - 1;
 
   if (PageDirty)
     printf("%.3f %.3f %.3f %.2f SP\n", Pens[PenNumber].rgb[0],
diff -up cups-1.2.4/filter/hpgltops.h.CVE-2008-3641 cups-1.2.4/filter/hpgltops.h
--- cups-1.2.4/filter/hpgltops.h.CVE-2008-3641	2005-02-18 02:18:11.000000000 +0000
+++ cups-1.2.4/filter/hpgltops.h	2008-09-30 13:34:06.000000000 +0100
@@ -35,6 +35,14 @@
 #  define M_PI	3.14159265358979323846
 #endif /* M_PI */
 
+
+/*
+ * Maximum number of pens we emulate...
+ */
+
+#define MAX_PENS	1024
+
+
 /*
  * Parameter value structure...
  */
@@ -117,10 +125,10 @@ VAR float	PenPosition[2]	VALUE2(0.0f, 0.
 						/* Current pen position */
 		PenScaling	VALUE(1.0f),	/* Pen width scaling factor */
 		PenWidth	VALUE(1.0f);	/* Default pen width */
-VAR pen_t	Pens[1024];			/* State of each pen */
+VAR pen_t	Pens[MAX_PENS];			/* State of each pen */
 VAR int		PenMotion	VALUE(0), 	/* 0 = absolute, 1 = relative */
 		PenValid	VALUE(0),	/* 1 = valid position, 0 = undefined */
-		PenNumber	VALUE(1),	/* Current pen number */
+		PenNumber	VALUE(0),	/* Current pen number */
 		PenCount	VALUE(8),	/* Number of pens */
 		PenDown		VALUE(0),	/* 0 = pen up, 1 = pen down */
 		PolygonMode	VALUE(0),	/* Drawing polygons? */
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009