CVE-2026-4480: s3:testparm: warn about 'print command' %J usage
authorStefan Metzmacher <metze@samba.org>
Fri, 8 May 2026 21:27:35 +0000 (23:27 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 26 May 2026 12:51:32 +0000 (12:51 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=16033

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
source3/utils/testparm.c

index af3a253fc2880742bfc67a4c5249aa40696a388a..156a78c0f6958b0933131a932ddbf1d4450bf852 100644 (file)
@@ -953,6 +953,14 @@ static void do_per_share_checks(int s)
                        "parameter is ignored when using CUPS libraries.\n\n",
                        lp_servicename(talloc_tos(), lp_sub, s));
        }
+       if (talloc_string_sub_mixed_quoting(lp_print_command(s), 'J')) {
+               fprintf(stderr,
+                       "WARNING: Service %s defines a 'print command' "
+                       "with mixed quoting and %%J.\n"
+                       "CVE-2026-4480 changed the way %%J substitution works.\n"
+                       "You should use single quotes (directly) around '%%J'.\n\n",
+                       lp_servicename(talloc_tos(), lp_sub, s));
+       }
 
        vfs_objects = lp_vfs_objects(s);
        if (vfs_objects && str_list_check(vfs_objects, "fruit")) {
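Review bot: The warning added after the `talloc_string_sub_mixed_quoting(lp_print_command(s), 'J')` check names the service but never prints the offending value, and "single quotes (directly)" leaves the administrator to guess which form is expected. Since this is the operator-facing signal for a CVE-related setting, I would append a line such as `"Configured 'print command': %s\n"` with `lp_print_command(s)` as an extra argument, so the output can be audited without re-reading smb.conf. The check sits at function level with no visible gate on whether the share is printable, so a 'print command' set in [global] would presumably repeat the warning for every service; please confirm that is intended. A short comment above the `if`, e.g. `/* %J is filled from the client-supplied job name; flag quoting the new substitution cannot make safe */`, would help later readers, but the wording should be checked against the helper, which is defined outside this hunk. The body of do_per_share_checks starts and ends outside the hunk.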