28 lines
1.1 KiB
Text
28 lines
1.1 KiB
Text
$NetBSD: patch-ba,v 1.4 2010/06/16 21:15:18 sbd Exp $
|
|
|
|
Incorporate 0001-More-complete-fix-for-CVE-2009-3553.patch from
|
|
http://www.cups.org/str.php?L3490
|
|
"CVE-2010-0302: Incomplete fix for CVE-2009-3553 (STR #3200)"
|
|
|
|
--- scheduler/select.c.orig 2010-01-14 22:40:19.000000000 +0000
|
|
+++ scheduler/select.c
|
|
@@ -454,7 +454,8 @@ cupsdDoSelect(long timeout) /* I - Time
|
|
if (fdptr->read_cb && event->filter == EVFILT_READ)
|
|
(*(fdptr->read_cb))(fdptr->data);
|
|
|
|
- if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE)
|
|
+ if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE &&
|
|
+ !cupsArrayFind(cupsd_inactive_fds, fdptr))
|
|
(*(fdptr->write_cb))(fdptr->data);
|
|
|
|
release_fd(fdptr);
|
|
@@ -500,7 +501,8 @@ cupsdDoSelect(long timeout) /* I - Time
|
|
(*(fdptr->read_cb))(fdptr->data);
|
|
|
|
if (fdptr->use > 1 && fdptr->write_cb &&
|
|
- (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
|
|
+ (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)) &&
|
|
+ !cupsArrayFind(cupsd_inactive_fds, fdptr))
|
|
(*(fdptr->write_cb))(fdptr->data);
|
|
|
|
release_fd(fdptr);
|