File cups-filters-1.25.0-0002-beh-backend-Extra-checks-against-odd-forged-input-CVE-2023-24805.patch of Package cups-filters.29003

--- backend/beh.c.patched.0001-beh-backend-Use-execv-instead-of-system-CVE-2023-248	2023-05-15 16:06:14.493385265 +0200
+++ backend/beh.c	2023-05-15 16:32:17.990249265 +0200
@@ -222,16 +222,30 @@ call_backend(char *uri,
                 wait_pid,
                 wait_status,
                 retval = 0;
+  int           bytes;
 
  /*
   * Build the backend command line...
   */
 
+  scheme[0] = '\0';
   strncpy(scheme, uri, sizeof(scheme));
-  if (strlen(uri) > 1023)
-    scheme[1023] = '\0';
+  if (strlen(uri) > sizeof(scheme) - 1)
+    scheme[sizeof(scheme) - 1] = '\0';
   if ((ptr = strchr(scheme, ':')) != NULL)
     *ptr = '\0';
+  else
+  {
+    fprintf(stderr,
+	    "ERROR: beh: Invalid URI, no colon (':') to mark end of scheme part.\n");
+    exit (CUPS_BACKEND_FAILED);
+  }
+  if (strchr(scheme, '/'))
+  {
+    fprintf(stderr,
+	    "ERROR: beh: Invalid URI, scheme contains a slash ('/').\n");
+    exit (CUPS_BACKEND_FAILED);
+  }
 
   if ((cups_serverbin = getenv("CUPS_SERVERBIN")) == NULL)
     cups_serverbin = CUPS_SERVERBIN;
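Review bot: The checks added after `strchr(scheme, ':')` reject only a missing colon and a slash, so an empty scheme (a URI that begins with ':') and the names `.` and `..` still pass and are later formatted into `backend_path`. Those would presumably only make the later exec fail, but rejecting them here gives a clear error and keeps the path to a plain file name inside the backend directory, e.g. `if (!scheme[0] || !strcmp(scheme, ".") || !strcmp(scheme, "..")) { ... exit (CUPS_BACKEND_FAILED); }`. Separately, `scheme[0] = '\0';` is overwritten by the `strncpy()` on the next line, and the `strlen(uri)` test could be replaced by an unconditional `scheme[sizeof(scheme) - 1] = '\0';`. call_backend() starts and ends outside this hunk.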
@@ -251,8 +265,15 @@ call_backend(char *uri,
   backend_argv[6] = filename;
   backend_argv[7] = NULL;
 
-  snprintf(backend_path, sizeof(backend_path),
-	   "%s/backend/%s", cups_serverbin, scheme);
+  bytes = snprintf(backend_path, sizeof(backend_path),
+		   "%s/backend/%s", cups_serverbin, scheme);
+  if (bytes < 0 || bytes >= sizeof(backend_path))
+  {
+    fprintf(stderr,
+	    "ERROR: beh: Invalid scheme (\"%s\"), could not determing backend path.\n",
+	    scheme);
+    exit (CUPS_BACKEND_FAILED);
+  }
 
  /*
   * Overwrite the device URI and run the actual backend...
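Review bot: In `if (bytes < 0 || bytes >= sizeof(backend_path))` the second comparison mixes `int` with `size_t`; it is correct only because the negative case is tested first, and it will warn under `-Wsign-compare`. Writing `(size_t)bytes >= sizeof(backend_path)` makes the intent explicit. The new error message also has a typo: "determing" should be "determine". The function continues outside this hunk.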