Correct problem with memory access violation for incorrect PPD file #5623

Closed
ppawliczek

The problem occurs when an input PPD file contains a pair of the same
ParamCustom* keywords with the same name and different type. In this case
the PPD parser may cause a memory leak or memory violation when one of
the types is PPD_CUSTOM_PASSCODE, PPD_CUSTOM_PASSWORD or PPD_CUSTOM_STRING.
A parameter with the expected parameter type is added to ppd_get_cparam(...).

@michaelrsweet
Collaborator

@ppawliczek Please attach the problematic PPD file.

@michaelrsweet michaelrsweet self-assigned this Jul 30, 2019
@michaelrsweet michaelrsweet added the investigating Investigating the issue label Jul 30, 2019
@ppawliczek
Author

The PPD file is incorrect; however, it should not cause incorrect memory reads.
As far as I can recall, the incorrect read occurs when the PPD file is being closed (when some memory is freed).

clusterfuzz-testcase-minimized-cups_ppdopen_fuzzer-6243187697647616.zip

@michaelrsweet
Collaborator

[master dc00a7c] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)
[master 8e048e4] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)

[branch-2.2 d11af54] Fix some PPD parser issues discovered via fuzzing (Issue #5623, Issue #5624)
