diff --git a/testing/hplip/0001-hppsfilter-booklet-printing-change-insecure-fixed-tm.patch b/testing/hplip/0001-hppsfilter-booklet-printing-change-insecure-fixed-tm.patch deleted file mode 100644 index 1e81f1b0f52..00000000000 --- a/testing/hplip/0001-hppsfilter-booklet-printing-change-insecure-fixed-tm.patch +++ /dev/null @@ -1,203 +0,0 @@ -From 5875d32ce071e591461e404bdd8aae849ccdcab1 Mon Sep 17 00:00:00 2001 -From: Matthias Gerstner -Date: Fri, 8 Sep 2023 10:17:04 +0200 -Subject: [PATCH] hppsfilter: booklet printing: change insecure fixed /tmp file - paths - -Using the fixed /tmp file paths in booklet printing /tmp/booklet.ps, -/tmp/temp.ps and /tmp/NUP.ps is a local security issue and also prevents -potential parallel operation of hplip. - -Use proper `mkstemp()` for these files. Functions like `PS_Booklet()` -and `cupsFileOpen()` don't use the open file descriptor but open the -path by name again. This is safe, since the files have already been -safely created and have safe modes. I wanted to avoid changing a whole -series of function signatures for this. - -The purpose of the `chmod()` in `open_tempbookletfile()` is unclear, the -data should only be processed by our own process. Making the file world -readable is an information leak, though. Thus drop this line. ---- - prnt/hpps/hppsfilter.c | 124 ++++++++++++++++++++++++++++++++--------- - 1 file changed, 98 insertions(+), 26 deletions(-) - -diff --git a/prnt/hpps/hppsfilter.c b/prnt/hpps/hppsfilter.c -index d6721b1..711b8d8 100644 ---- a/prnt/hpps/hppsfilter.c -+++ b/prnt/hpps/hppsfilter.c -@@ -43,7 +43,9 @@ static FILE *g_fp_outdbgps = NULL; - static FILE *ptempbooklet_file = NULL; - static char temp_filename[FILE_NAME_SIZE] = {0}; - static char booklet_filename[FILE_NAME_SIZE] = {0}; -+static int booklet_fd = -1; - static char Nup_filename[FILE_NAME_SIZE] = {0}; -+static int Nup_fd = -1; - extern void PS_Booklet(char *tempfile, char *bookletfile, char *nupfile,int order, int nup, char* pagesize, int bookletMaker); - static const char *GetOptionValue(const char *iOptionValue); - -@@ -99,16 +101,78 @@ static int hpwrite (void *pBuffer, size_t size) - return ndata_written; - } - --static void open_tempbookletfile(char *mode) -+static int open_tempbookletfile(char *mode) - { -- ptempbooklet_file= fopen(temp_filename, mode); -+ snprintf(temp_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-temp.XXXXXX"); -+ int fd = mkstemp(temp_filename); -+ if (fd < 0) { -+ temp_filename[0] = '\0'; -+ fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename); -+ return 1; -+ } -+ -+ ptempbooklet_file = fdopen(fd, mode); - if(ptempbooklet_file == NULL) - { -- fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename); -- return 1; -+ close(fd); -+ fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename); -+ return 1; - } -- chmod(temp_filename, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); -+ return 0; -+} -+ -+static void clean_tempfiles() -+{ -+ if (booklet_fd != -1) -+ { -+ close(booklet_fd); -+ booklet_fd = -1; -+ } -+ -+ if (Nup_fd != -1) -+ { -+ close(Nup_fd); -+ Nup_fd = -1; -+ } -+ -+ if (ptempbooklet_file != NULL) -+ { -+ fclose(ptempbooklet_file); -+ ptempbooklet_file = NULL; -+ } -+ -+ if( booklet_filename[0] != '\0' ) -+ { -+ if ((unlink(booklet_filename)) == -1) -+ { -+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",booklet_filename); -+ return 1; -+ } -+ -+ booklet_filename[0] = '\0'; -+ } -+ -+ if( temp_filename[0] != '\0' ) -+ { -+ if ((unlink(temp_filename)) == -1) -+ { -+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",temp_filename); -+ return 1; -+ } -+ -+ temp_filename[0] = '\0'; -+ } - -+ if( Nup_filename[0] != '\0' ) -+ { -+ if ((unlink(Nup_filename)) == -1) -+ { -+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",Nup_filename); -+ return 1; -+ } -+ -+ Nup_filename[0] = '\0'; -+ } - } - - static int Dump_tempbookletfile (void *pBuffer, size_t size) -@@ -921,6 +985,8 @@ int main (int argc, char **argv) - char buffer[MAX_BUFFER] = {0}; - int LfpSecurePin = 0; - -+ atexit(clean_tempfiles); -+ - get_LogLevel(); - setbuf (stderr, NULL); - -@@ -1024,13 +1090,32 @@ int main (int argc, char **argv) - if(booklet_enabled) - { - /* 1. dump the contents of the input file into temp file */ -- sprintf(booklet_filename, "/tmp/%s.ps","booklet"); -- sprintf(temp_filename, "/tmp/%s.ps","temp"); -- sprintf(Nup_filename, "/tmp/%s.ps","NUP"); -- open_tempbookletfile("w"); -- while( (numBytes = cupsFileGetLine(fp_input, line, sizeof(line))) > 0) -+ snprintf(booklet_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-booklet.XXXXXX"); -+ booklet_fd = mkstemp(booklet_filename); -+ if( booklet_fd < 0 ) -+ { -+ booklet_filename[0] = '\0'; -+ fprintf(stderr, "ERROR: Unable to create booklet temporary file \"%s\"", booklet_filename); -+ return 1; -+ } -+ -+ snprintf(Nup_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-nup.XXXXXX"); -+ Nup_fd = mkstemp(Nup_filename); -+ if( Nup_fd < 0 ) -+ { -+ Nup_filename[0] = '\0'; -+ clean_tempfiles(); -+ fprintf(stderr, "ERROR: Unable to create nup temporary file \"%s\"", Nup_filename); -+ return 1; -+ } -+ -+ if( open_tempbookletfile("w") != 0 ) -+ { -+ clean_tempfiles(); -+ return 1; -+ } -+ while( (numBytes = cupsFileGetLine(fp_input, line, sizeof(line))) > 0) - Dump_tempbookletfile (line, numBytes); -- fclose(ptempbooklet_file); - - /* 2. Perform the booklet operation on the PS file */ - PS_Booklet(temp_filename,booklet_filename,Nup_filename,order,nup,subString,bookletMaker); -@@ -1040,6 +1125,7 @@ int main (int argc, char **argv) - if ((fp_bookletinput = cupsFileOpen(Nup_filename, "r")) == NULL) - { - fprintf(stderr, "ERROR: Unable to open Nup_filename print file \"%s\"", Nup_filename); -+ clean_tempfiles(); - return 1; - } - while ( (numBytes = cupsFileGetLine(fp_bookletinput, line, sizeof(line))) > 0) -@@ -1047,21 +1133,7 @@ int main (int argc, char **argv) - cupsFileClose (fp_bookletinput); - - /* 4. Unlink function to remove the temp temporary files created */ -- if( (unlink(booklet_filename)) == -1) -- { -- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",booklet_filename); -- return 1; -- } -- if( (unlink(temp_filename)) == -1) -- { -- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",temp_filename); -- return 1; -- } -- if( (unlink(Nup_filename)) == -1) -- { -- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",Nup_filename); -- return 1; -- } -+ clean_tempfiles(); - booklet_enabled = 0; - bookletMaker=0; - } --- -2.41.0 - diff --git a/testing/hplip/APKBUILD b/testing/hplip/APKBUILD index dd406843da5..97668ee753e 100644 --- a/testing/hplip/APKBUILD +++ b/testing/hplip/APKBUILD @@ -3,8 +3,8 @@ # Contributor: Timo Teräs # Contributor: Valery Kartel pkgname=hplip -pkgver=3.23.8 -pkgrel=3 +pkgver=3.23.12 +pkgrel=0 pkgdesc="Drivers for HP printers and scanners" arch="all" url="http://hplipopensource.com" @@ -12,7 +12,6 @@ license="GPL-2.0-only AND BSD-3-Clause AND MIT" makedepends="dbus-dev libjpeg-turbo-dev net-snmp-dev cups-dev libusb-dev sane-dev gawk python3-dev" subpackages="$pkgname-doc $pkgname-libs $pkgname-ppd sane-backend-hpaio:sane" source="https://downloads.sourceforge.net/hplip/hplip-$pkgver.tar.gz - 0001-hppsfilter-booklet-printing-change-insecure-fixed-tm.patch fix-memmove.patch disable_upgrade.patch more-imageprocessor-removes.patch @@ -67,8 +66,7 @@ sane() { } sha512sums=" -727b5a6c5b5c77571f1bc27efd493cf8177f543412fa70f0f1ff3439d6599c85985206ccb1c60dbc8bec1e23ef6b25f9030fd872c24799029ba8526b0061cc90 hplip-3.23.8.tar.gz -2815de954870d5ef5f66c93e6dfb34ff4b283556514c99d98a102dfbe4c531cbbaf21054249bcaa3dfd6233de12f9084d317ccf4c11f0145e24944801bb0cb1f 0001-hppsfilter-booklet-printing-change-insecure-fixed-tm.patch +7461ffec38be68421e4204021f53d2b1641e7a67c14f205390d45f487a1af90956fd221f7e1561635508103ae944f19e04d6052d3f8928f2c9685fdcdcf515df hplip-3.23.12.tar.gz 7d247b219595a8be4a9d709f14a9034eee1cef467981ffc29d18ee3c00bee125640b1149d7e57e3332242efd978d7cb3f8f25f21d41fb39e38f9520626cfe1ff fix-memmove.patch ac436b54aecc0c2a7fc0eb5ae8e28d483c1efd5bd9385b0a1480fb78b8ccdd28ef85db86a980aec5ca093e9095d5714f93df095bf606e9a9c919f07c64e29697 disable_upgrade.patch d8e76cb3757a7659f667e3d54cd0b7572dd8af1f4f87e26694dd3e4b1e0ec5cba7fe2d0ca531e14d568a675aa4a201795a3edb2c8892230e41e0d9408959b726 more-imageprocessor-removes.patch