diff --git a/backport-CVE-2024-35235.patch b/backport-CVE-2024-35235.patch
new file mode 100755
index 0000000000000000000000000000000000000000..aeb6cf8896768a80c1c3396642e391cac6f050c5
--- /dev/null
+++ b/backport-CVE-2024-35235.patch
@@ -0,0 +1,96 @@
+From 5c3e5a3996ea2215a4ad30dea4c953e4a10a2e4d Mon Sep 17 00:00:00 2001
+From: cai-zihua
+Date: Thu, 11 Jul 2024 15:25:04 +0800
+Subject: [PATCH] 2
+
+Change-Id: I21ab06577dff0ce7e2fc2af8bde7ac83080c9ee8
+---
+ cups-2.4.0/cups/http-addr.c | 38 ++++++++++++++++++-------------------
+ cups-2.4.0/scheduler/conf.c | 19 +++++++++++++++++++
+ 2 files changed, 38 insertions(+), 19 deletions(-)
+
+diff --git a/cups-2.4.0/cups/http-addr.c b/cups-2.4.0/cups/http-addr.c
+index 114a6449..c07f092f 100644
+--- a/cups-2.4.0/cups/http-addr.c
++++ b/cups-2.4.0/cups/http-addr.c
+@@ -205,28 +205,28 @@ httpAddrListen(http_addr_t *addr, /* I - Address to bind to */
+ /*
+ * Remove any existing domain socket file...
+ */
++ if ((status = unlink(addr->un.sun_path)) < 0)
++ {
++ DEBUG_printf(("1httpAddrListen: Unable to unlink \"%s\": %s", addr->un.sun_path, strerror(errno)));
+
+- unlink(addr->un.sun_path);
+-
+- /*
+- * Save the current umask and set it to 0 so that all users can access
+- * the domain socket...
+- */
+-
+- mask = umask(0);
+-
+- /*
+- * Bind the domain socket...
+- */
+-
+- status = bind(fd, (struct sockaddr *)addr, (socklen_t)httpAddrLength(addr));
++ if (errno == ENOENT)
++ status = 0;
++ }
+
+- /*
+- * Restore the umask and fix permissions...
+- */
++ if (!status)
++ {
++ // Save the current umask and set it to 0 so that all users can access
++ // the domain socket...
++ mask = umask(0);
++ // Bind the domain socket...
++ if ((status = bind(fd, (struct sockaddr *)addr, (socklen_t)httpAddrLength(addr))) < 0)
++ {
++ DEBUG_printf(("1httpAddrListen: Unable to bind domain socket \"%s\": %s", addr->un.sun_path, strerror(errno)));
++ }
+
+- umask(mask);
+- chmod(addr->un.sun_path, 0140777);
++ // Restore the umask...
++ umask(mask);
++ }
+ }
+ else
+ #endif /* AF_LOCAL */
+diff --git a/cups-2.4.0/scheduler/conf.c b/cups-2.4.0/scheduler/conf.c
+index e44736b7..a5ba6cba 100644
+--- a/cups-2.4.0/scheduler/conf.c
++++ b/cups-2.4.0/scheduler/conf.c
+@@ -3073,6 +3073,25 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */
+
+ cupsd_listener_t *lis; /* New listeners array */
+
++ /*
++ * If we are launched on-demand, do not use domain sockets from the config
++ * file. Also check that the domain socket path is not too long...
++ */
++
++#ifdef HAVE_ONDEMAND
++ if (*value == '/' && OnDemand)
++ {
++ if (strcmp(value, CUPS_DEFAULT_DOMAINSOCKET))
++ cupsdLogMessage(CUPSD_LOG_INFO, "Ignoring %s address %s at line %d - only using domain socket from launchd/systemd.", line, value, linenum);
++ continue;
++ }
++#endif // HAVE_ONDEMAND
++
++ if (*value == '/' && strlen(value) > (sizeof(addr->addr.un.sun_path) - 1))
++ {
++ cupsdLogMessage(CUPSD_LOG_INFO, "Ignoring %s address %s at line %d - too long.", line, value, linenum);
++ continue;
++ }
+
+ /*
+ * Get the address list...
+--
+2.25.1
+
diff --git a/install.sh b/install.sh
index c03ebbb0c33d2c85e1fbcb6c499ab25188325458..621762849446ab242d4f551b42f911ac2d7458d4 100755
--- a/install.sh
+++ b/install.sh
@@ -25,4 +25,5 @@ patch -p1 < $1/backport-CVE-2023-34241.patch --fuzz=0 --no-backup-if-mismatch
 patch -p1 < $1/ohos-multi-file-print.patch --fuzz=0 --no-backup-if-mismatch
 patch -p1 < $1/ohos-modify-pthread.patch --fuzz=0 --no-backup-if-mismatch
 patch -p1 < $1/ohos-add-openssl.patch --fuzz=0 --no-backup-if-mismatch
+patch -p1 < $1/backport-CVE-2024-35235.patch --fuzz=0 --no-backup-if-mismatch
 exit 0
\ No newline at end of file
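Review bot: In the embedded http-addr.c hunk, `errno` is compared with `ENOENT` only after the `DEBUG_printf` call, so in a build where that macro produces real output the logging may overwrite `errno` and a socket file that was simply absent would be treated as an unlink failure, skipping `bind()`. Testing it first avoids that: `if ((status = unlink(addr->un.sun_path)) < 0 && errno == ENOENT) status = 0;`, with the debug message emitted only when `status` is still negative. The patch header also carries just `Subject: [PATCH] 2` and a Change-Id; for a CVE backport I would add a line such as `Upstream-commit: <upstream commit id>` so the two hunks can be compared against the original fix. Both `httpAddrListen` and `read_cupsd_conf` start and end outside the embedded hunks.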
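Review bot: The added `patch` line is not checked for failure and the script ends with `exit 0`, so unless `set -e` is enabled earlier in install.sh (outside this hunk) a backport that no longer applies under `--fuzz=0` would leave the CVE-2024-35235 fix out while the step still reports success. Failing the step makes a missed security patch visible: `patch -p1 < "$1/backport-CVE-2024-35235.patch" --fuzz=0 --no-backup-if-mismatch || exit 1`. Quoting `$1` also keeps a source directory containing spaces from breaking the redirect. The context `patch` lines in this hunk follow the same unchecked pattern.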