Bug#1009146: cups Segmentation fault
tags 1009146 patch
forwarded 1009146 https://github.com/OpenPrinting/cups/issues/457
thanks
On Thu 07 Apr 2022 at 19:55:06 +0300, Дмитрий Тихомиров wrote:
> Package: cups
> Version: 2.3.3
>
> Hi.
>
> Error message: Segmentation fault
>
> To reproduce this bug we just need to run command "lprm -P". In normal way it must finish with output of available commands .
> Technical description: Program lprm call function main(file lprm.c:30). In « if ((instance = strchr (name, ' / ' )) != NULL ) » (file lprm.c:87) when we send "-P" the program will received Segmentation fault .
>
> System information: Linux debian 5.10.0-12-amd64 #1 SMP Debian [ callto:5.10.103-1 (2022-03-07 | 5.10.103-1 (2022-03-07 ] ) x86_64 GNU/Linux
> libc-2.31.so
>
> CWE identifier for this bug: CWE-20: Improper Input Validation
>
> Way to fix this bug: change it " else { i ++; name = argv[i]; }" (file lprm.c:82-86) to this "i ++; if (i >= argc) { _cupsLangPrintf(stderr, _("%s: Error - expected username after \"-P\" option."), argv[0]); usage(); }" .
Thank you for your report, Dmitriy.
I can reproduce the behaviour with "lprm -P" on cups 2.4.2-1+b1.
Forwarded upstream.
Cheers,
Brian.
Reply to: