17406738 problem in UTILITY/HPLIP s11-update
authorMohana Rao Gorai <mohana.gorai@oracle.com>
Tue, 25 Mar 2014 18:46:13 -0700
branchs11-update
changeset 3014 c1a1dfff9d89
parent 3013 4f40e701e0de
child 3016 ef85b23b6885
17406738 problem in UTILITY/HPLIP 16968211 enable ASLR for hplip
components/hplip/Makefile
components/hplip/patches/05_Bug17406738.patch
--- a/components/hplip/Makefile	Tue Mar 25 13:56:57 2014 -0700
+++ b/components/hplip/Makefile	Tue Mar 25 18:46:13 2014 -0700
@@ -19,13 +19,13 @@
 #
 # CDDL HEADER END
 #
-# Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
 #
 include ../../make-rules/shared-macros.mk
 
 COMPONENT_NAME=         hplip
 COMPONENT_VERSION=      3.12.4
-COMPONENT_PROJECT_URL=	http://hplipopensource.com/hplip-web/
+COMPONENT_PROJECT_URL=	http://hplipopensource.com/hplip-web/index.html
 COMPONENT_SRC=          $(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE=      $(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH= \
@@ -37,6 +37,9 @@
 include ../../make-rules/configure.mk
 include ../../make-rules/ips.mk
 
+# Enable ASLR for this component
+ASLR_MODE = $(ASLR_ENABLE)
+
 # We need to be able to return from void functions
 CC += $(studio_FEATURES_EXTENSIONS)
 CXX += $(studio_FEATURES_EXTENSIONS) $(studio_NORUNPATH) $(studio_CXXLIB_CSTD) 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/hplip/patches/05_Bug17406738.patch	Tue Mar 25 18:46:13 2014 -0700
@@ -0,0 +1,94 @@
+Description: fix for CVE-2013-0200 (insecure temporary files)
+Origin: vendor, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701185
+Original Bug: https://bugzilla.redhat.com/show_bug.cgi?id=902163
+
+-----------------------------------------------------------------------
+--- a/prnt/hpps/hppsfilter.c	Tue Apr 10 01:32:37 2012
++++ b/prnt/hpps/hppsfilter.c	Tue Jan 28 03:25:00 2014
+@@ -93,8 +93,11 @@
+     if (g_savepsfile & SAVE_PS_FILE)
+     {
+         char    sfile_name[FILE_NAME_SIZE] = {0};
+-        sprintf(sfile_name, DBG_PSFILE, szjob_id);
+-        g_fp_outdbgps= fopen(sfile_name, "w");
++        int fd;
++        sprintf(sfile_name, DBG_PSFILE ".XXXXXX", szjob_id);
++        fd = mkstemp (sfile_name);
++        if (fd != -1)
++            g_fp_outdbgps = fdopen(fd, "w");
+         chmod(sfile_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+     }
+ }
+--- a/prnt/hpcups/SystemServices.cpp	Tue Apr 10 01:32:37 2012
++++ b/prnt/hpcups/SystemServices.cpp	Tue Jan 28 03:22:40 2014
+@@ -36,9 +36,12 @@
+     m_fp = NULL;
+     if (iLogLevel & SAVE_PCL_FILE)
+     {
+-        char    fname[32];
+-        sprintf(fname, "/tmp/hpcups_job%d.out", job_id);
+-        m_fp = fopen(fname, "w");
++        char    fname[40];
++        int fd;
++        sprintf(fname, "/tmp/hpcups_job%d.out.XXXXXX", job_id);
++        fd = mkstemp (fname);
++        if (fd != -1)
++            m_fp = fdopen(fd, "w");
+         chmod(fname, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+     }
+ }
+--- a/prnt/hpijs/hpijs.cpp	Tue Apr 10 01:32:39 2012
++++ b/prnt/hpijs/hpijs.cpp	Tue Jan 28 03:20:35 2014
+@@ -97,12 +97,13 @@
+     if (pSS->m_iLogLevel & SAVE_PCL_FILE)
+     {
+         char    szFileName[32];
+-	sprintf (szFileName, "/tmp/hpijs_%d.out", getpid());
+-	pSS->outfp = fopen (szFileName, "w");
+-	if (pSS->outfp)
+-	{
+-	    chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+-	}
++        int fd;
++        sprintf (szFileName, "/tmp/hpijs_%d.out.XXXXXX", getpid());
++        fd = mkstemp (szFileName);
++        if (fd != -1)
++            pSS->outfp = fdopen (fd, "w");
++        if (pSS->outfp)
++            chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+     }
+ }
+ 
+--- a/prnt/hpcups/HPCupsFilter.cpp	Tue Jan 28 03:06:22 2014
++++ b/prnt/hpcups/HPCupsFilter.cpp	Tue Jan 28 03:17:49 2014
+@@ -650,20 +650,25 @@
+         
+         if (m_iLogLevel & SAVE_INPUT_RASTERS)
+         {
+-            char    szFileName[32];
++            char    szFileName[44];
+             memset(szFileName, 0, sizeof(szFileName));
+-            snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp", current_page_number);
++            snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp.XXXXXX", current_page_number);
+             if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW ||
+                 cups_header.cupsColorSpace == CUPS_CSPACE_RGB)
+             {
+-                cfp = fopen (szFileName, "w");
++                int fd = mkstemp (szFileName);
++                if (fd != -1)
++                    cfp = fdopen (fd, "w");
+                 chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+             }
+             if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW ||
+                 cups_header.cupsColorSpace == CUPS_CSPACE_K)
+             {
+-                szFileName[17] = 'k';
+-                kfp = fopen (szFileName, "w");
++                int fd;
++                snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterk_%d.bmp.XXXXXX", current_page_number);
++                fd = mkstemp (szFileName);
++                if (fd != -1)
++                    kfp = fdopen (fd, "w");
+                 chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+             }
+
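Review bot: In the hppsfilter.c, SystemServices.cpp and HPCupsFilter.cpp parts of this new patch the `chmod(<name>, ...)` call still runs unconditionally after `mkstemp`, so when `mkstemp` fails it acts on a template whose contents POSIX leaves unspecified, and when it succeeds it re-resolves the path just created instead of using the descriptor; only the hpijs.cpp part guards it behind `if (pSS->outfp)`. Move the permission change into the success branch and apply it to the descriptor, e.g. `if (fd != -1) { g_fp_outdbgps = fdopen(fd, "w"); fchmod(fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); }`, and mirror that at the other three sites. Separately, hpijs.cpp keeps `char szFileName[32]` although its template grew to `"/tmp/hpijs_%d.out.XXXXXX"` (22 fixed characters plus the pid), leaving no headroom for a wide pid, whereas SystemServices.cpp and HPCupsFilter.cpp widened their buffers; `snprintf (szFileName, sizeof(szFileName), ...)` would bound it, and the same applies to the unbounded `sprintf` into `sfile_name[FILE_NAME_SIZE]` in hppsfilter.c, whose size is not visible here. Note too that if `fdopen` fails, the descriptor returned by `mkstemp` is leaked at every site. The enclosing functions begin before the quoted context in all four files.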