Ensure cups doesn't allow filters with ., /, or .. in name, and filters always come from certain dir |
||
Issue descriptionI think this is already the case, but need to check.
,
Sep 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/f3641b4bd60be7aac743338faee74f14817ddefd commit f3641b4bd60be7aac743338faee74f14817ddefd Author: Andrew de los Reyes <adlr@chromium.org> Date: Thu Aug 25 18:46:53 2016 net-print/cups: Patch to be strict on filter names in PPDs We require that all filters specified in PPDs are just the program name, and do not contain any relative or absolute path info. BUG= chromium:633384 TEST=Manually ran cuptestppd on device with dummy PPD. Made sure it could pass with a valid filter, but when usingn path info (adding . or / to filter), it would fail. Tested with both cupsFilter and cupsFilter2. Change-Id: I891e6ed9cba6d262d6db68b0603069bc52779919 Reviewed-on: https://chromium-review.googlesource.com/376021 Commit-Ready: Andrew de los Reyes <adlr@chromium.org> Tested-by: Andrew de los Reyes <adlr@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [rename] https://crrev.com/f3641b4bd60be7aac743338faee74f14817ddefd/net-print/cups/cups-2.1.4-r5.ebuild [modify] https://crrev.com/f3641b4bd60be7aac743338faee74f14817ddefd/net-print/cups/cups-2.1.4.ebuild [add] https://crrev.com/f3641b4bd60be7aac743338faee74f14817ddefd/net-print/cups/files/cups-2.1.4-strict-filters.patch
,
Sep 6 2016
,
Jul 23
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/cups/+/63217cae77c2c30c4fea3325093f505d0dfe0a93 commit 63217cae77c2c30c4fea3325093f505d0dfe0a93 Author: David Valleau <valleau@chromium.org> Date: Mon Jul 23 21:13:48 2018 Applying cups-2.1.4-strict-filters.patch Makes cupstestppd extra strict, preventing filters from having '/' or '.' in the name. This is to ensure that filters don't use an absolute path or even relative path with '..' in it. Yes, it's extra strict, b/c a filter name like 'myfilter.foo' would be stopped by this script, but doesn't pose a problem. That said, we don't see that in practice. From: Andrew de los Reyes <adlr@chromium.org> Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=633384 BUG= chromium:865217 TEST=None Change-Id: Ieabf6e1548c46356e4ec5f66669e31f1dbf99ddf [modify] https://crrev.com/63217cae77c2c30c4fea3325093f505d0dfe0a93/systemv/cupstestppd.c |
||
►
Sign in to add a comment |
||
Comment 1 by adlr@chromium.org
, Aug 25 2016