From: msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>
Date: Mon, 20 Oct 2014 21:41:29 +0000 (+0000)
Subject: cupsGetPPD* would return a symlink to the PPD in /etc/cups/ppd even if it was
X-Git-Tag: v2.2b1~458
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9b9c3de281cf9178802d480453ce223ba9849214;p=thirdparty%2Fcups.git

cupsGetPPD* would return a symlink to the PPD in /etc/cups/ppd even if it was
not readable by the user (STR #4500)



git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12218 a1ca3aef-8c08-0410-bb20-df032aa958be
---

diff --git a/CHANGES-2.0.txt b/CHANGES-2.0.txt
index a2cb4ae122..17455f6200 100644
--- a/CHANGES-2.0.txt
+++ b/CHANGES-2.0.txt
@@ -6,6 +6,8 @@ CHANGES IN CUPS V2.0.1
 	- Security: SSLv3 is now disabled by default to protect against the
 	  POODLE attack (STR #4476)
 	- Printer sharing did not work when systemd was being used (STR #4497)
+	- cupsGetPPD* would return a symlink to the PPD in /etc/cups/ppd even if
+	  it was not readable by the user (STR #4500)
 	- Fixed a crash in ippAttributeString (<rdar://problem/17903871>)
 	- RPMs did not build (STR #4490)
 
diff --git a/cups/util.c b/cups/util.c
index 8c340efc79..ac43bb4149 100644
--- a/cups/util.c
+++ b/cups/util.c
@@ -846,10 +846,10 @@ cupsGetPPD3(http_t     *http,		/* I  - HTTP connection or @code CUPS_HTTP_DEFAUL
 
     snprintf(ppdname, sizeof(ppdname), "%s/ppd/%s.ppd", cg->cups_serverroot,
              name);
-    if (!stat(ppdname, &ppdinfo))
+    if (!stat(ppdname, &ppdinfo) && !access(ppdname, R_OK))
     {
      /*
-      * OK, the file exists, use it!
+      * OK, the file exists and is readable, use it!
       */
 
       if (buffer[0])