upstream/oracle/userland-gate: components/hplip/patches/05_Bug17406738.patch@e6db95cc6647 (annotated)

1721 e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	1	Description: fix for CVE-2013-0200 (insecure temporary files)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	2	Origin: vendor, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701185
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	3	Original Bug: https://bugzilla.redhat.com/show_bug.cgi?id=902163
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	4
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	5	-----------------------------------------------------------------------
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	6	--- a/prnt/hpps/hppsfilter.c Tue Apr 10 01:32:37 2012
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	7	+++ b/prnt/hpps/hppsfilter.c Tue Jan 28 03:25:00 2014
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	8	@@ -93,8 +93,11 @@
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	9	if (g_savepsfile & SAVE_PS_FILE)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	10	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	11	char sfile_name[FILE_NAME_SIZE] = {0};
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	12	- sprintf(sfile_name, DBG_PSFILE, szjob_id);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	13	- g_fp_outdbgps= fopen(sfile_name, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	14	+ int fd;
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	15	+ sprintf(sfile_name, DBG_PSFILE ".XXXXXX", szjob_id);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	16	+ fd = mkstemp (sfile_name);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	17	+ if (fd != -1)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	18	+ g_fp_outdbgps = fdopen(fd, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	19	chmod(sfile_name, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	20	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	21	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	22	--- a/prnt/hpcups/SystemServices.cpp Tue Apr 10 01:32:37 2012
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	23	+++ b/prnt/hpcups/SystemServices.cpp Tue Jan 28 03:22:40 2014
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	24	@@ -36,9 +36,12 @@
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	25	m_fp = NULL;
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	26	if (iLogLevel & SAVE_PCL_FILE)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	27	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	28	- char fname[32];
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	29	- sprintf(fname, "/tmp/hpcups_job%d.out", job_id);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	30	- m_fp = fopen(fname, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	31	+ char fname[40];
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	32	+ int fd;
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	33	+ sprintf(fname, "/tmp/hpcups_job%d.out.XXXXXX", job_id);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	34	+ fd = mkstemp (fname);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	35	+ if (fd != -1)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	36	+ m_fp = fdopen(fd, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	37	chmod(fname, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	38	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	39	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	40	--- a/prnt/hpijs/hpijs.cpp Tue Apr 10 01:32:39 2012
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	41	+++ b/prnt/hpijs/hpijs.cpp Tue Jan 28 03:20:35 2014
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	42	@@ -97,12 +97,13 @@
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	43	if (pSS->m_iLogLevel & SAVE_PCL_FILE)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	44	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	45	char szFileName[32];
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	46	- sprintf (szFileName, "/tmp/hpijs_%d.out", getpid());
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	47	- pSS->outfp = fopen (szFileName, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	48	- if (pSS->outfp)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	49	- {
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	50	- chmod (szFileName, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	51	- }
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	52	+ int fd;
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	53	+ sprintf (szFileName, "/tmp/hpijs_%d.out.XXXXXX", getpid());
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	54	+ fd = mkstemp (szFileName);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	55	+ if (fd != -1)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	56	+ pSS->outfp = fdopen (fd, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	57	+ if (pSS->outfp)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	58	+ chmod (szFileName, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	59	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	60	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	61
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	62	--- a/prnt/hpcups/HPCupsFilter.cpp Tue Jan 28 03:06:22 2014
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	63	+++ b/prnt/hpcups/HPCupsFilter.cpp Tue Jan 28 03:17:49 2014
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	64	@@ -650,20 +650,25 @@
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	65
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	66	if (m_iLogLevel & SAVE_INPUT_RASTERS)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	67	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	68	- char szFileName[32];
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	69	+ char szFileName[44];
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	70	memset(szFileName, 0, sizeof(szFileName));
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	71	- snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp", current_page_number);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	72	+ snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp.XXXXXX", current_page_number);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	73	if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW \|\|
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	74	cups_header.cupsColorSpace == CUPS_CSPACE_RGB)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	75	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	76	- cfp = fopen (szFileName, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	77	+ int fd = mkstemp (szFileName);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	78	+ if (fd != -1)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	79	+ cfp = fdopen (fd, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	80	chmod (szFileName, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	81	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	82	if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW \|\|
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	83	cups_header.cupsColorSpace == CUPS_CSPACE_K)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	84	{
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	85	- szFileName[17] = 'k';
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	86	- kfp = fopen (szFileName, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	87	+ int fd;
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	88	+ snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterk_%d.bmp.XXXXXX", current_page_number);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	89	+ fd = mkstemp (szFileName);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	90	+ if (fd != -1)
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	91	+ kfp = fdopen (fd, "w");
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	92	chmod (szFileName, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	93	}
e6db95cc6647 17406738 problem in UTILITY/HPLIP Mohana Rao Gorai <mohana.gorai@oracle.com> parents: diff changeset	94

author	Mohana Rao Gorai <mohana.gorai@oracle.com>
	Sun, 23 Feb 2014 22:46:55 -0800
changeset 1721	e6db95cc6647
permissions	-rw-r--r--