From 6ee6e6a055506118fecd5e88b94476aa8706b894 Mon Sep 17 00:00:00 2001
From: zhouwenpei <zhouwenpei050@chinasoftinc.com>
Date: Fri, 22 Sep 2023 08:15:40 +0000
Subject: [PATCH] fix CVE-2023-4504

---
 backport-CVE-2023-4504.patch | 44 ++++++++++++++++++++++++++++++++++++
 cups.spec                    |  6 ++++-
 2 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2023-4504.patch

diff --git a/backport-CVE-2023-4504.patch b/backport-CVE-2023-4504.patch
new file mode 100644
index 0000000..816afd4
--- /dev/null
+++ b/backport-CVE-2023-4504.patch
@@ -0,0 +1,44 @@
+From 2431caddb7e6a87f04ac90b5c6366ad268b6ff31 Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Wed, 20 Sep 2023 14:45:17 +0200
+Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
+ 
+We didn't check for end of buffer if it looks there is an escaped
+character - check for NULL terminator there and if found, return NULL
+as return value and in `ptr`, because a lone backslash is not
+a valid PostScript character.
+ 
+Reference:https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31
+Conflict:Unmodified CHANGES.md
+ 
+---
+ filter/interpret.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+ 
+diff --git a/filter/interpret.c b/filter/interpret.c
+index 031b1d5..191e759 100644
+--- a/filter/interpret.c
++++ b/filter/interpret.c
+@@ -1117,7 +1117,19 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
+ 
+ 	    cur ++;
+ 
+-            if (*cur == 'b')
++	   /*
++	    * Return NULL if we reached NULL terminator, a lone backslash
++	    * is not a valid character in PostScript.
++	    */
++
++	    if (!*cur)
++	    {
++	      *ptr = NULL;
++
++	      return (NULL);
++	    }
++
++	    if (*cur == 'b')
+ 	      *valptr++ = '\b';
+ 	    else if (*cur == 'f')
+ 	      *valptr++ = '\f';
+-- 
+2.27.0
\ No newline at end of file
diff --git a/cups.spec b/cups.spec
index 7c15826..d6f53bb 100644
--- a/cups.spec
+++ b/cups.spec
@@ -1,7 +1,7 @@
 Name:    cups
 Epoch:   1
 Version: 2.2.13
-Release: 17
+Release: 18
 Summary: CUPS is the standards-based, open source printing system for linux operating systems.
 License: GPLv2+ and LGPLv2+ with exceptions and AML
 Url:     http://www.cups.org/
@@ -42,6 +42,7 @@ Patch6004: backport-CVE-2023-32324.patch
 Patch6005: fix-httpAddrGetList-test-case-fail.patch
 Patch6006: fix-verifying-that-history-still-exists-test-case-fail.patch
 Patch6007: backport-CVE-2023-34241.patch
+Patch6008: backport-CVE-2023-4504.patch
 
 Provides: cupsddk cupsddk-drivers cups-filesystem cups-client cups-ipptool cups-lpd
 Provides: lpd lpr /usr/bin/lpq /usr/bin/lpr /usr/bin/lp /usr/bin/cancel /usr/bin/lprm /usr/bin/lpstat
@@ -336,6 +337,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
 %doc %{_datadir}/%{name}/www/apple-touch-icon.png
 
 %changelog
+* Fri Sep 22 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 1:2.2.13-18
+- fix CVE-2023-4504
+
 * Mon Jun 26 2023 zhouwenpei <zhouwenpei@h-partners.com> - 1:2.2.13-17
 - fix CVE-2023-34241
 
-- 
Gitee