From: Michael R Sweet <michael.r.sweet@gmail.com>
Date: Mon, 15 Apr 2019 20:03:03 +0000 (-0400)
Subject: Correctly encode octetString values for print filters (Issue #5558)
X-Git-Tag: v2.3b8~58
X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fcups.git;a=commitdiff_plain;h=5483fd294a5336c2f74c87017f90ac1c159a879e

Correctly encode octetString values for print filters (Issue #5558)

scheduler/job.c:
- get_options(): Handle IPP_TAG_STRING separately and either provide a quoted
  string or a hex string, depending on the value.
- ipp_length(): Handle IPP_TAG_STRING separately.
---

diff --git a/CHANGES.md b/CHANGES.md
index a44c3f19d..ce41c8367 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -9,6 +9,8 @@ Changes in CUPS v2.3b8
 - The lpadmin command would hang with a bad PPD file (rdar://41495016)
 - Fixed a potential crash bug in cups-driverd (rdar://46625579)
 - Fixed a performance regression with large PPDs (rdar://47040759)
+- The scheduler did not encode octetString values like "job-password" correctly
+  for the print filters (Issue #5558)
 - The `ippValidateAttribute` function did not catch all instances of invalid
   UTF-8 strings (Issue #5509)
 - Fixed an issue with the self-signed certificates generated by GNU TLS
diff --git a/scheduler/job.c b/scheduler/job.c
index fe8eeb7c9..092d87962 100644
--- a/scheduler/job.c
+++ b/scheduler/job.c
@@ -4030,6 +4030,45 @@ get_options(cupsd_job_t *job,		/* I - Job */
 	      break;
 
           case IPP_TAG_STRING :
+              {
+                int length = attr->values[i].unknown.length;
+
+		for (valptr = attr->values[i].unknown.data; length > 0; length --)
+		{
+		  if ((*valptr & 255) < 0x20 || *valptr == 0x7f)
+		    break;
+		}
+
+		if (length > 0)
+		{
+		 /*
+		  * Encode this string as hex characters...
+		  */
+
+                  *optptr++ = '<';
+
+		  for (valptr = attr->values[i].unknown.data, length = attr->values[i].unknown.length; length > 0; length --)
+		  {
+		    snprintf(optptr, optlength - (size_t)(optptr - options) - 1, "%02X", *valptr & 255);
+		    optptr += 2;
+		  }
+
+                  *optptr++ = '>';
+		}
+		else
+		{
+		  for (valptr = attr->values[i].unknown.data, length = attr->values[i].unknown.length; length > 0; length --)
+		  {
+		    if (strchr(" \t\n\\\'\"", *valptr))
+		      *optptr++ = '\\';
+		    *optptr++ = *valptr++;
+		  }
+		}
+	      }
+
+	      *optptr = '\0';
+	      break;
+
 	  case IPP_TAG_TEXT :
 	  case IPP_TAG_NAME :
 	  case IPP_TAG_KEYWORD :
@@ -4175,6 +4214,16 @@ ipp_length(ipp_t *ipp)			/* I - IPP request */
 	  break;
 
       case IPP_TAG_STRING :
+         /*
+	  * Octet strings can contain characters that need quoting.  We need
+	  * at least 2 * len + 2 characters to cover the quotes and any
+	  * backslashes in the string.
+	  */
+
+          for (i = 0; i < attr->num_values; i ++)
+	    bytes += 2 * (size_t)attr->values[i].unknown.length + 2;
+	  break;
+
       case IPP_TAG_TEXT :
       case IPP_TAG_NAME :
       case IPP_TAG_KEYWORD :