1 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-extended/cups/cups/CVE-2023-4504.patch b/meta/recipes-extended/cups/cups/CVE-2023-4504.patch
new file mode 100644
index 0000000000..be0db1fbd4
--- /dev/null
+++ b/meta/recipes-extended/cups/cups/CVE-2023-4504.patch
@@ -0,0 +1,40 @@
+From a9a7daa77699bd58001c25df8a61a8029a217ddf Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Fri, 1 Sep 2023 16:47:29 +0200
+Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
+We didn't check for end of buffer if it looks there is an escaped
+character - check for NULL terminator there and if found, return NULL
+as return value and in `ptr`, because a lone backslash is not
+a valid PostScript character.
+Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31]
+CVE: CVE-2023-4504
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ cups/raster-interpret.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+--- a/cups/raster-interpret.c
+++ b/cups/raster-interpret.c
+@@ -1113,7 +1113,19 @@ scan_ps(_cups_ps_stack_t *st,            /* I  - S
+ 
+            cur ++;
+ 
+-            if (*cur == 'b')
+          /*
+           * Return NULL if we reached NULL terminator, a lone backslash
+            * is not a valid character in PostScript.
+           */
+
+           if (!*cur)
+           {
+             *ptr = NULL;
+
+             return (NULL);
+           }
+
+           if (*cur == 'b')
+              *valptr++ = '\b';
+            else if (*cur == 'f')
+              *valptr++ = '\f';

diff --git a/meta/recipes-extended/cups/cups/CVE-2023-4504.patch b/meta/recipes-extended/cups/cups/CVE-2023-4504.patch new file mode 100644 index 0000000000..be0db1fbd4 --- /dev/null +++ b/meta/recipes-extended/cups/cups/CVE-2023-4504.patch
@@ -0,0 +1,40 @@
	1	From a9a7daa77699bd58001c25df8a61a8029a217ddf Mon Sep 17 00:00:00 2001
	2	From: Zdenek Dohnal <zdohnal@redhat.com>
	3	Date: Fri, 1 Sep 2023 16:47:29 +0200
	4	Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
	5
	6	We didn't check for end of buffer if it looks there is an escaped
	7	character - check for NULL terminator there and if found, return NULL
	8	as return value and in `ptr`, because a lone backslash is not
	9	a valid PostScript character.
	10
	11	Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31]
	12	CVE: CVE-2023-4504
	13	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	14	---
	15	cups/raster-interpret.c \| 14 +++++++++++++-
	16	1 file changed, 13 insertions(+), 1 deletion(-)
	17
	18	--- a/cups/raster-interpret.c
	19	+++ b/cups/raster-interpret.c
	20	@@ -1113,7 +1113,19 @@ scan_ps(_cups_ps_stack_t st, / I - S
	21
	22	cur ++;
	23
	24	- if (*cur == 'b')
	25	+ /*
	26	+ * Return NULL if we reached NULL terminator, a lone backslash
	27	+ * is not a valid character in PostScript.
	28	+ */
	29	+
	30	+ if (!*cur)
	31	+ {
	32	+ *ptr = NULL;
	33	+
	34	+ return (NULL);
	35	+ }
	36	+
	37	+ if (*cur == 'b')
	38	*valptr++ = '\b';
	39	else if (*cur == 'f')
	40	*valptr++ = '\f';