From: msweet Date: Fri, 23 Oct 2015 19:00:06 +0000 (+0000) Subject: Limit size of chunked requests () X-Git-Tag: v2.2b1~175 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=34c67f13d63c439eb21f9a4f76a63c84098422e2;p=thirdparty%2Fcups.git Limit size of chunked requests () git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12915 a1ca3aef-8c08-0410-bb20-df032aa958be --- diff --git a/CHANGES-2.1.txt b/CHANGES-2.1.txt index 43a67f8901..84e3a20b8c 100644 --- a/CHANGES-2.1.txt +++ b/CHANGES-2.1.txt @@ -4,7 +4,7 @@ CHANGES-2.1.txt CHANGES IN CUPS V2.1.1 - Security hardening fixes (, - ) + , ) - The cupsGetPPD* functions did not work with IPP printers (STR #4725) - Some older HP LaserJet printers need a delayed close when printing using the libusb-based USB backend (STR #4549) diff --git a/scheduler/client.c b/scheduler/client.c index 1221d2c8e9..8299764369 100644 --- a/scheduler/client.c +++ b/scheduler/client.c @@ -1799,6 +1799,20 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ { con->bytes += bytes; + if (MaxRequestSize > 0 && con->bytes > MaxRequestSize) + { + close(con->file); + con->file = -1; + unlink(con->filename); + cupsdClearString(&con->filename); + + if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE)) + { + cupsdCloseClient(con); + return; + } + } + if (write(con->file, line, (size_t)bytes) < bytes) { cupsdLogClient(con, CUPSD_LOG_ERROR, @@ -1960,6 +1974,20 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ { con->bytes += bytes; + if (MaxRequestSize > 0 && con->bytes > MaxRequestSize) + { + close(con->file); + con->file = -1; + unlink(con->filename); + cupsdClearString(&con->filename); + + if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE)) + { + cupsdCloseClient(con); + return; + } + } + if (write(con->file, line, (size_t)bytes) < bytes) { cupsdLogClient(con, CUPSD_LOG_ERROR,