From: mike Date: Wed, 13 Mar 2013 16:16:07 +0000 (+0000) Subject: Local certificate authentication did not guard against an empty certification X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=58f3cd1abc1df0ff45e49b8c099db9a6209c0561;p=thirdparty%2Fcups.git Local certificate authentication did not guard against an empty certification file (STR #4293) git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@10904 7a7537e8-13f0-0310-91df-b6672ffda945 --- diff --git a/CHANGES-1.6.txt b/CHANGES-1.6.txt index f9efbb2bc2..b44b09350b 100644 --- a/CHANGES-1.6.txt +++ b/CHANGES-1.6.txt @@ -12,6 +12,8 @@ CHANGES IN CUPS V1.6.2 - Added a French localization (STR #4247) - Added a Russian localization (STR #4228, STR #4285) - Updated the Catalan localization (STR #4202) + - Local certificate authentication did not guard against an empty + certification file (STR #4293) - The scheduler did not reject device URIs with spaces. - Added USB quirk rule for Epson Stylus Photo 750 (STR #4286) - The IPP backend could crash if the printer disconnects early diff --git a/cups/auth.c b/cups/auth.c index 309b9cce11..8efb34b337 100644 --- a/cups/auth.c +++ b/cups/auth.c @@ -667,8 +667,7 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */ int pid; /* Current process ID */ FILE *fp; /* Certificate file */ char trc[16], /* Try Root Certificate parameter */ - filename[1024], /* Certificate filename */ - certificate[33];/* Certificate string */ + filename[1024]; /* Certificate filename */ _cups_globals_t *cg = _cupsGlobals(); /* Global data */ # if defined(HAVE_AUTHORIZATION_H) OSStatus status; /* Status */ @@ -862,19 +861,25 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */ * Read the certificate from the file... */ - fgets(certificate, sizeof(certificate), fp); + char certificate[33], /* Certificate string */ + *certptr; /* Pointer to certificate string */ + + certptr = fgets(certificate, sizeof(certificate), fp); fclose(fp); - /* - * Set the authorization string and return... - */ + if (certptr) + { + /* + * Set the authorization string and return... + */ - httpSetAuthString(http, "Local", certificate); + httpSetAuthString(http, "Local", certificate); - DEBUG_printf(("8cups_local_auth: Returning authstring=\"%s\"", - http->authstring)); + DEBUG_printf(("8cups_local_auth: Returning authstring=\"%s\"", + http->authstring)); - return (0); + return (0); + } } return (1);