1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
diff -up cups-1.2.4/scheduler/client.c.CVE-2007-4045 cups-1.2.4/scheduler/client.c
--- cups-1.2.4/scheduler/client.c.CVE-2007-4045 2007-10-30 09:51:04.000000000 +0000
+++ cups-1.2.4/scheduler/client.c 2007-10-30 10:07:10.000000000 +0000
@@ -105,6 +105,25 @@ static int write_file(cupsd_client_t *c
struct stat *filestats);
+void
+_cupsdFixClientsBIO(void)
+{
+#ifdef HAVE_LIBSSL
+ cupsd_client_t *c;
+ BIO *bio;
+ cupsArraySave (Clients);
+ for (c = (cupsd_client_t *)cupsArrayFirst(Clients);
+ c;
+ c = (cupsd_client_t *)cupsArrayNext(Clients))
+ {
+ bio = SSL_get_wbio(c->http.tls);
+ BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)HTTP(c));
+ }
+ cupsArrayRestore (Clients);
+#endif
+}
+
+
/*
* 'cupsdAcceptClient()' - Accept a new client.
*/
@@ -438,6 +457,7 @@ cupsdAcceptClient(cupsd_listener_t *lis)
}
cupsArrayAdd(Clients, con);
+ _cupsdFixClientsBIO();
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"cupsdAcceptClient: %d connected to server on %s:%d",
@@ -729,6 +749,7 @@ cupsdCloseClient(cupsd_client_t *con) /*
*/
cupsArrayRemove(Clients, con);
+ _cupsdFixClientsBIO();
free(con);
}
diff -up cups-1.2.4/scheduler/main.c.CVE-2007-4045 cups-1.2.4/scheduler/main.c
--- cups-1.2.4/scheduler/main.c.CVE-2007-4045 2007-10-30 09:51:04.000000000 +0000
+++ cups-1.2.4/scheduler/main.c 2007-10-30 09:51:05.000000000 +0000
@@ -948,7 +948,7 @@ main(int argc, /* I - Number of comm
* Write data as needed...
*/
- if (con->pipe_pid && FD_ISSET(con->file, input))
+ if (con->pipe_pid && con->file >= 0 && FD_ISSET(con->file, input))
{
/*
* Keep track of pending input from the file/pipe separately
|
GitWeb
