File cups-1.7.5-CVE-2024-35235.patch of Package cups.40433
--- scheduler/listen.c.orig 2013-05-29 13:51:34.000000000 +0200
+++ scheduler/listen.c 2024-06-04 14:15:47.897362470 +0200
@@ -235,27 +235,35 @@ cupsdStartListening(void)
* Remove any existing domain socket file...
*/
- unlink(lis->address.un.sun_path);
+ if ((status = unlink(lis->address.un.sun_path)) < 0)
+ {
+ if (errno == ENOENT)
+ status = 0;
+ }
+
+ if (!status)
+ {
+
+ /*
+ * Save the current umask and set it to 0 so that all users can access
+ * the domain socket...
+ */
+
+ mask = umask(0);
+
+ /*
+ * Bind the domain socket...
+ */
- /*
- * Save the current umask and set it to 0 so that all users can access
- * the domain socket...
- */
-
- mask = umask(0);
-
- /*
- * Bind the domain socket...
- */
-
- status = bind(lis->fd, (struct sockaddr *)&(lis->address),
+ status = bind(lis->fd, (struct sockaddr *)&(lis->address),
httpAddrLength(&(lis->address)));
- /*
- * Restore the umask...
- */
+ /*
+ * Restore the umask...
+ */
- umask(mask);
+ umask(mask);
+ }
}
else
#endif /* AF_LOCAL */
@@ -305,11 +313,6 @@ cupsdStartListening(void)
{
cupsdLogMessage(CUPSD_LOG_INFO, "Listening to %s on fd %d...",
s, lis->fd);
-
- if (chmod(s, 0140777))
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "Unable to change permisssions on domain socket "
- "\"%s\" - %s", s, strerror(errno));
}
/*
--- scheduler/conf.c.orig 2014-06-16 18:13:06.000000000 +0200
+++ scheduler/conf.c 2024-06-04 15:00:31.308511066 +0200
@@ -2932,6 +2932,15 @@ read_cupsd_conf(cups_file_t *fp) /* I -
cupsd_listener_t *lis; /* New listeners array */
+ /*
+ * Check that the domain socket path is not too long...
+ */
+
+ if (*value == '/' && strlen(value) > (sizeof(addr->addr.un.sun_path) - 1))
+ {
+ cupsdLogMessage(CUPSD_LOG_INFO, "Ignoring %s address %s at line %d - too long.", line, value, linenum);
+ continue;
+ }
/*
* Get the address list...
