Validate attribute group for initial request attributes (rdar://41098178)

diff --git a/CHANGES.md b/CHANGES.md
index 3bd2e9678f3906351a2426d2a6d7755e8237a66a..6bc00e633dfcec1871889deabf0037589258a310 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,4 +1,4 @@
-CHANGES - 2.2.9 - 2018-07-18
+CHANGES - 2.2.9 - 2018-08-18
 ============================
 
 
@@ -18,6 +18,8 @@ Changes in CUPS v2.2.9
 - Fixed some typos in the label printer drivers (Issue #5350)
 - The scheduler was being backgrounded on macOS, causing applications to spin
   (rdar://40436080)
+- The scheduler did not validate that required initial request attributes were
+  in the operation group (rdar://41098178)
 - Authentication in the web interface did not work on macOS (rdar://41444473)
 - Dropped non-working RSS subscriptions UI from web interface templates.
 - Fixed a memory leak for some IPP (extension) syntaxes.

diff --git a/man/cups-files.conf.man.in b/man/cups-files.conf.man.in
index 6ac4e72d36aa389ea9742b69bb36166cf450775c..f5e6a9f3912b4d126cc79db81c7abb8fc8d8f04b 100644 (file)
--- a/man/cups-files.conf.man.in
+++ b/man/cups-files.conf.man.in
@@ -1,7 +1,7 @@
 .\"
 .\" cups-files.conf man page for CUPS.
 .\"
-.\" Copyright 2007-2017 by Apple Inc.
+.\" Copyright 2007-2018 by Apple Inc.
 .\" Copyright 1997-2006 by Easy Software Products.
 .\"
 .\" These coded instructions, statements, and computer programs are the
@@ -10,7 +10,7 @@
 .\" which should have been included with this file.  If this file is
 .\" file is missing or damaged, see the license at "http://www.cups.org/".
 .\"
-.TH cups-files.conf 5 "CUPS" "21 September 2017" "Apple Inc."
+.TH cups-files.conf 5 "CUPS" "25 February 2018 " "Apple Inc."
 .SH NAME
 cups\-files.conf \- file and directory configuration file for cups
 .SH DESCRIPTION
@@ -284,4 +284,4 @@ Specifies the SMB service configuration file to update.
 .BR subscriptions.conf (5),
 CUPS Online Help (http://localhost:631/help)
 .SH COPYRIGHT
-Copyright \[co] 2007-2017 by Apple Inc.
+Copyright \[co] 2007-2018 by Apple Inc.

diff --git a/scheduler/ipp.c b/scheduler/ipp.c
index d1c6a89fb59b10e02228a1eecc98c1a1b00a079d..825cabbf057dae76f487960ce75aa2b54131237d 100644 (file)
--- a/scheduler/ipp.c
+++ b/scheduler/ipp.c
@@ -253,7 +253,7 @@ cupsdProcessIPPRequest(
       */
 
       attr = con->request->attrs;
-      if (attr && attr->name && !strcmp(attr->name, "attributes-charset") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_CHARSET)
+      if (attr && attr->name && !strcmp(attr->name, "attributes-charset") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_CHARSET && attr->group_tag == IPP_TAG_OPERATION)
        charset = attr;
       else
        charset = NULL;
@@ -261,7 +261,7 @@ cupsdProcessIPPRequest(
       if (attr)
         attr = attr->next;
 
-      if (attr && attr->name && !strcmp(attr->name, "attributes-natural-language") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_LANGUAGE)
+      if (attr && attr->name && !strcmp(attr->name, "attributes-natural-language") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_LANGUAGE && attr->group_tag == IPP_TAG_OPERATION)
       {
        language = attr;
 
@@ -279,12 +279,12 @@ cupsdProcessIPPRequest(
       else
        language = NULL;
 
-      if ((attr = ippFindAttribute(con->request, "printer-uri", IPP_TAG_URI)) != NULL)
+      if ((attr = ippFindAttribute(con->request, "printer-uri", IPP_TAG_URI)) != NULL && attr->group_tag == IPP_TAG_OPERATION)
        uri = attr;
-      else if ((attr = ippFindAttribute(con->request, "job-uri", IPP_TAG_URI)) != NULL)
+      else if ((attr = ippFindAttribute(con->request, "job-uri", IPP_TAG_URI)) != NULL && attr->group_tag == IPP_TAG_OPERATION)
        uri = attr;
-      else if (con->request->request.op.operation_id == CUPS_GET_PPD)
-        uri = ippFindAttribute(con->request, "ppd-name", IPP_TAG_NAME);
+      else if (con->request->request.op.operation_id == CUPS_GET_PPD && (attr = ippFindAttribute(con->request, "ppd-name", IPP_TAG_NAME)) != NULL && attr->group_tag == IPP_TAG_OPERATION)
+        uri = attr;
       else
        uri = NULL;