oss-sec mailing list archives

Re: CVE request: CUPS DoS via RSS subscriptions


From: Eygene Ryabinkin <rea-sec () codelabs ru>
Date: Thu, 20 Nov 2008 11:41:28 +0300

Michael, good day.

Wed, Nov 19, 2008 at 05:54:49PM -0800, Michael Sweet wrote:
> Eygene Ryabinkin wrote:
> > The attached patch fixes the things for me, but perhaps it needs
> > some more polishing.  Will try to take a fresh look at this tomorrow.
> >
> > Mike, please, take a look at this!
>
> You'll find a much more complete patch already in CUPS svn for both
> 1.3.x and 1.4.x, along with a new subscription test for the
> "make check" target.  I didn't withhold the patch since the browser
> attack vector was closed in 1.3.8...
>
> I've attached my 1.3.x patch...

Thanks!  Just a quick question: the check in add_job_subscriptions() is
catching a non-NULL result of cupsdAddSubscription, but for a failed
subscription it does not inform the user about this.  The code in
create_subscription() returns an error.  Is it intentional?  The client gets
nothing (at least 'lpr -m file.txt' outputs no error), but the subscription
is silently dropped.
-- 
Eygene
