mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-28 22:57:37 +00:00
extra/hplip to 3.23.8-2
This commit is contained in:
parent
03898d5066
commit
4a2c0c2ab7
3 changed files with 277 additions and 1 deletions
68
extra/hplip/.SRCINFO
Normal file
68
extra/hplip/.SRCINFO
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
pkgbase = hplip
|
||||||
|
pkgdesc = Drivers for HP DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet
|
||||||
|
pkgver = 3.23.8
|
||||||
|
pkgrel = 2
|
||||||
|
epoch = 1
|
||||||
|
url = https://hplipopensource.com
|
||||||
|
arch = x86_64
|
||||||
|
license = GPL2
|
||||||
|
license = custom
|
||||||
|
makedepends = python-pyqt5
|
||||||
|
makedepends = sane
|
||||||
|
makedepends = rpcbind
|
||||||
|
makedepends = cups
|
||||||
|
makedepends = libusb
|
||||||
|
depends = python-dbus
|
||||||
|
depends = python-distro
|
||||||
|
depends = ghostscript
|
||||||
|
depends = net-snmp
|
||||||
|
depends = foomatic-db-engine
|
||||||
|
depends = python-gobject
|
||||||
|
depends = libxcrypt
|
||||||
|
depends = libjpeg-turbo
|
||||||
|
depends = dbus
|
||||||
|
depends = gcc-libs
|
||||||
|
depends = avahi
|
||||||
|
depends = python
|
||||||
|
depends = xdg-utils
|
||||||
|
depends = zlib
|
||||||
|
depends = libcups
|
||||||
|
depends = glibc
|
||||||
|
optdepends = cups: for printing support
|
||||||
|
optdepends = sane: for scanner support
|
||||||
|
optdepends = xsane: sane scanner frontend
|
||||||
|
optdepends = python-pillow: for commandline scanning support
|
||||||
|
optdepends = python-reportlab: for pdf output in hp-scan
|
||||||
|
optdepends = rpcbind: for network support
|
||||||
|
optdepends = python-pyqt5: for running GUI and hp-toolbox
|
||||||
|
optdepends = libusb: for advanced usb support
|
||||||
|
optdepends = wget: for network support
|
||||||
|
backup = etc/hp/hplip.conf
|
||||||
|
backup = etc/sane.d/dll.d/hpaio
|
||||||
|
source = https://downloads.sourceforge.net/hplip/hplip-3.23.8.tar.gz
|
||||||
|
source = https://downloads.sourceforge.net/hplip/hplip-3.23.8.tar.gz.asc
|
||||||
|
source = disable_upgrade.patch
|
||||||
|
source = 0001_hppsfilter_booklet_printing_change_insecure_fixed_tm.patch
|
||||||
|
source = 0003-models.dat-Re-add-drivers-missing-from-3.19.1.patch
|
||||||
|
source = 0018-Allow-non-JPEG-scanning-on-the-HP-DeskJet-3520-All-i.patch
|
||||||
|
source = 0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
|
||||||
|
source = 0023-Fix-handling-of-unicode-filenames-in-sixext.py.patch
|
||||||
|
source = 0025_fix-Werror-format-security.patch
|
||||||
|
source = hplip-configure-python.patch
|
||||||
|
source = python3.diff
|
||||||
|
source = reproducible-gzip.patch
|
||||||
|
validpgpkeys = 4ABA2F66DBD5A95894910E0673D770CDA59047B9
|
||||||
|
sha512sums = 727b5a6c5b5c77571f1bc27efd493cf8177f543412fa70f0f1ff3439d6599c85985206ccb1c60dbc8bec1e23ef6b25f9030fd872c24799029ba8526b0061cc90
|
||||||
|
sha512sums = SKIP
|
||||||
|
sha512sums = a12aaeece5285ffb86bdbc24871bf512fbc1f29da44ae51ded314378032662074a42b8aca23bebb378bf78ed15bb7f99da59bfb4cd456f3458e7a5ef42a900f8
|
||||||
|
sha512sums = 7902950fbd9affaf01b8406fb8e49648ad06a8495e76ad3c5717a6d62f415616d9cc01f31da08d14ce36acec672e3b843b790ac1e4525838ddc707ab0cb87d2f
|
||||||
|
sha512sums = f79b3f09d022178099f38b9eae1792396e730eb5352a03d088e6610d92b3895f3f65bb92089ce7f5b21d794f9716ceb176d29ca7283e8a48bb04cf6aba305a2f
|
||||||
|
sha512sums = 93e29a9ef893636b2b84443e75525c4ed42531d6e68a182dfbb725c3919c77b966b5e7d9381a34d3b5853423995a7b15efb69ce3e500ec72b25b65b2ad6bd64c
|
||||||
|
sha512sums = 22aeb5b851f78bc6bc62e0bc3da99fecaf42d7604af41e2f3343f8d3666541f7b06b7d1a7d0ddf24f1731ac7b12dfe582375a98e3b94dfa323d6ce954549ca67
|
||||||
|
sha512sums = 763949a0bc460dcc9faefc86f2a91cf342781bfce696ed0c3826758572dd03ac266bbeb7b6a4f9376ac298d7d3c9c4def42d94921a8e1d1695e39396e36d95ff
|
||||||
|
sha512sums = b7e67bccb2516f4d98e4c5ea55f7d2299d95bfdc341dbc0149af1423169bedcd8bcfdb125c92f373e9e7be57ea284fef80a8343035fb42572b9cb927929cd257
|
||||||
|
sha512sums = 089c102357ea5fd55d81ae76aaff62713f780fd84500c3b92ecd6b2bb11ccdc3a162978548e9a5f9e98a8354a5be3997e416c52daa18eda4621ed79a29d6fea8
|
||||||
|
sha512sums = b8a4c860e90a52ec566ca5a9c7f3a5ecb7386ae76e17b2c6c878073e60eeaf0cb63883b740b4725794be9914e1ab8fc91313efb288395f3095f599c07f54cf14
|
||||||
|
sha512sums = 379fcbe9dc2986da828a174a0ac4e71a1da43a98408894d5e713e09d7d9cba1e9fac30f9602b81d48d992abe6b65b6402b8a07664efe97400c5d839be33cf15f
|
||||||
|
|
||||||
|
pkgname = hplip
|
|
@ -0,0 +1,204 @@
|
||||||
|
From 5875d32ce071e591461e404bdd8aae849ccdcab1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Matthias Gerstner <matthias.gerstner@suse.de>
|
||||||
|
Date: Fri, 8 Sep 2023 10:17:04 +0200
|
||||||
|
Subject: [PATCH] hppsfilter: booklet printing: change insecure fixed /tmp file
|
||||||
|
paths
|
||||||
|
|
||||||
|
Using the fixed /tmp file paths in booklet printing /tmp/booklet.ps,
|
||||||
|
/tmp/temp.ps and /tmp/NUP.ps is a local security issue and also prevents
|
||||||
|
potential parallel operation of hplip.
|
||||||
|
|
||||||
|
Use proper `mkstemp()` for these files. Functions like `PS_Booklet()`
|
||||||
|
and `cupsFileOpen()` don't use the open file descriptor but open the
|
||||||
|
path by name again. This is safe, since the files have already been
|
||||||
|
safely created and have safe modes. I wanted to avoid changing a whole
|
||||||
|
series of function signatures for this.
|
||||||
|
|
||||||
|
The purpose of the `chmod()` in `open_tempbookletfile()` is unclear, the
|
||||||
|
data should only be processed by our own process. Making the file world
|
||||||
|
readable is an information leak, though. Thus drop this line.
|
||||||
|
---
|
||||||
|
prnt/hpps/hppsfilter.c | 124 ++++++++++++++++++++++++++++++++---------
|
||||||
|
1 file changed, 98 insertions(+), 26 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/prnt/hpps/hppsfilter.c b/prnt/hpps/hppsfilter.c
|
||||||
|
index d6721b1..711b8d8 100644
|
||||||
|
--- a/prnt/hpps/hppsfilter.c
|
||||||
|
+++ b/prnt/hpps/hppsfilter.c
|
||||||
|
@@ -43,7 +43,9 @@ static FILE *g_fp_outdbgps = NULL;
|
||||||
|
static FILE *ptempbooklet_file = NULL;
|
||||||
|
static char temp_filename[FILE_NAME_SIZE] = {0};
|
||||||
|
static char booklet_filename[FILE_NAME_SIZE] = {0};
|
||||||
|
+static int booklet_fd = -1;
|
||||||
|
static char Nup_filename[FILE_NAME_SIZE] = {0};
|
||||||
|
+static int Nup_fd = -1;
|
||||||
|
extern void PS_Booklet(char *tempfile, char *bookletfile, char *nupfile,int order, int nup, char* pagesize, int bookletMaker);
|
||||||
|
static const char *GetOptionValue(const char *iOptionValue);
|
||||||
|
|
||||||
|
@@ -99,16 +101,78 @@ static int hpwrite (void *pBuffer, size_t size)
|
||||||
|
return ndata_written;
|
||||||
|
}
|
||||||
|
|
||||||
|
-static void open_tempbookletfile(char *mode)
|
||||||
|
+static int open_tempbookletfile(char *mode)
|
||||||
|
{
|
||||||
|
- ptempbooklet_file= fopen(temp_filename, mode);
|
||||||
|
+ snprintf(temp_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-temp.XXXXXX");
|
||||||
|
+ int fd = mkstemp(temp_filename);
|
||||||
|
+ if (fd < 0) {
|
||||||
|
+ temp_filename[0] = '\0';
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ ptempbooklet_file = fdopen(fd, mode);
|
||||||
|
if(ptempbooklet_file == NULL)
|
||||||
|
{
|
||||||
|
- fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename);
|
||||||
|
- return 1;
|
||||||
|
+ close(fd);
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to open temp file %s\n", temp_filename);
|
||||||
|
+ return 1;
|
||||||
|
}
|
||||||
|
- chmod(temp_filename, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static void clean_tempfiles()
|
||||||
|
+{
|
||||||
|
+ if (booklet_fd != -1)
|
||||||
|
+ {
|
||||||
|
+ close(booklet_fd);
|
||||||
|
+ booklet_fd = -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (Nup_fd != -1)
|
||||||
|
+ {
|
||||||
|
+ close(Nup_fd);
|
||||||
|
+ Nup_fd = -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (ptempbooklet_file != NULL)
|
||||||
|
+ {
|
||||||
|
+ fclose(ptempbooklet_file);
|
||||||
|
+ ptempbooklet_file = NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if( booklet_filename[0] != '\0' )
|
||||||
|
+ {
|
||||||
|
+ if ((unlink(booklet_filename)) == -1)
|
||||||
|
+ {
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",booklet_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ booklet_filename[0] = '\0';
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if( temp_filename[0] != '\0' )
|
||||||
|
+ {
|
||||||
|
+ if ((unlink(temp_filename)) == -1)
|
||||||
|
+ {
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",temp_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ temp_filename[0] = '\0';
|
||||||
|
+ }
|
||||||
|
|
||||||
|
+ if( Nup_filename[0] != '\0' )
|
||||||
|
+ {
|
||||||
|
+ if ((unlink(Nup_filename)) == -1)
|
||||||
|
+ {
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",Nup_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Nup_filename[0] = '\0';
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
static int Dump_tempbookletfile (void *pBuffer, size_t size)
|
||||||
|
@@ -921,6 +985,8 @@ int main (int argc, char **argv)
|
||||||
|
char buffer[MAX_BUFFER] = {0};
|
||||||
|
int LfpSecurePin = 0;
|
||||||
|
|
||||||
|
+ atexit(clean_tempfiles);
|
||||||
|
+
|
||||||
|
get_LogLevel();
|
||||||
|
setbuf (stderr, NULL);
|
||||||
|
|
||||||
|
@@ -1024,13 +1090,32 @@ int main (int argc, char **argv)
|
||||||
|
if(booklet_enabled)
|
||||||
|
{
|
||||||
|
/* 1. dump the contents of the input file into temp file */
|
||||||
|
- sprintf(booklet_filename, "/tmp/%s.ps","booklet");
|
||||||
|
- sprintf(temp_filename, "/tmp/%s.ps","temp");
|
||||||
|
- sprintf(Nup_filename, "/tmp/%s.ps","NUP");
|
||||||
|
- open_tempbookletfile("w");
|
||||||
|
- while( (numBytes = cupsFileGetLine(fp_input, line, sizeof(line))) > 0)
|
||||||
|
+ snprintf(booklet_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-booklet.XXXXXX");
|
||||||
|
+ booklet_fd = mkstemp(booklet_filename);
|
||||||
|
+ if( booklet_fd < 0 )
|
||||||
|
+ {
|
||||||
|
+ booklet_filename[0] = '\0';
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to create booklet temporary file \"%s\"", booklet_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ snprintf(Nup_filename, FILE_NAME_SIZE, "/tmp/hppsfilter-nup.XXXXXX");
|
||||||
|
+ Nup_fd = mkstemp(Nup_filename);
|
||||||
|
+ if( Nup_fd < 0 )
|
||||||
|
+ {
|
||||||
|
+ Nup_filename[0] = '\0';
|
||||||
|
+ clean_tempfiles();
|
||||||
|
+ fprintf(stderr, "ERROR: Unable to create nup temporary file \"%s\"", Nup_filename);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if( open_tempbookletfile("w") != 0 )
|
||||||
|
+ {
|
||||||
|
+ clean_tempfiles();
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ while( (numBytes = cupsFileGetLine(fp_input, line, sizeof(line))) > 0)
|
||||||
|
Dump_tempbookletfile (line, numBytes);
|
||||||
|
- fclose(ptempbooklet_file);
|
||||||
|
|
||||||
|
/* 2. Perform the booklet operation on the PS file */
|
||||||
|
PS_Booklet(temp_filename,booklet_filename,Nup_filename,order,nup,subString,bookletMaker);
|
||||||
|
@@ -1040,6 +1125,7 @@ int main (int argc, char **argv)
|
||||||
|
if ((fp_bookletinput = cupsFileOpen(Nup_filename, "r")) == NULL)
|
||||||
|
{
|
||||||
|
fprintf(stderr, "ERROR: Unable to open Nup_filename print file \"%s\"", Nup_filename);
|
||||||
|
+ clean_tempfiles();
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
while ( (numBytes = cupsFileGetLine(fp_bookletinput, line, sizeof(line))) > 0)
|
||||||
|
@@ -1047,21 +1133,7 @@ int main (int argc, char **argv)
|
||||||
|
cupsFileClose (fp_bookletinput);
|
||||||
|
|
||||||
|
/* 4. Unlink function to remove the temp temporary files created */
|
||||||
|
- if( (unlink(booklet_filename)) == -1)
|
||||||
|
- {
|
||||||
|
- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",booklet_filename);
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
- if( (unlink(temp_filename)) == -1)
|
||||||
|
- {
|
||||||
|
- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",temp_filename);
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
- if( (unlink(Nup_filename)) == -1)
|
||||||
|
- {
|
||||||
|
- fprintf(stderr, "ERROR: Unable to remove temporary files in /tmp dir \"%s\" ",Nup_filename);
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
+ clean_tempfiles();
|
||||||
|
booklet_enabled = 0;
|
||||||
|
bookletMaker=0;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
|
|
||||||
pkgname=hplip
|
pkgname=hplip
|
||||||
pkgver=3.23.8
|
pkgver=3.23.8
|
||||||
pkgrel=1
|
pkgrel=2
|
||||||
epoch=1
|
epoch=1
|
||||||
pkgdesc="Drivers for HP DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet"
|
pkgdesc="Drivers for HP DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet"
|
||||||
arch=('x86_64')
|
arch=('x86_64')
|
||||||
|
@ -32,6 +32,7 @@ optdepends=('cups: for printing support'
|
||||||
backup=('etc/hp/hplip.conf' 'etc/sane.d/dll.d/hpaio')
|
backup=('etc/hp/hplip.conf' 'etc/sane.d/dll.d/hpaio')
|
||||||
source=(https://downloads.sourceforge.net/${pkgname}/$pkgname-$pkgver.tar.gz{,.asc}
|
source=(https://downloads.sourceforge.net/${pkgname}/$pkgname-$pkgver.tar.gz{,.asc}
|
||||||
disable_upgrade.patch
|
disable_upgrade.patch
|
||||||
|
0001_hppsfilter_booklet_printing_change_insecure_fixed_tm.patch
|
||||||
0003-models.dat-Re-add-drivers-missing-from-3.19.1.patch
|
0003-models.dat-Re-add-drivers-missing-from-3.19.1.patch
|
||||||
0018-Allow-non-JPEG-scanning-on-the-HP-DeskJet-3520-All-i.patch
|
0018-Allow-non-JPEG-scanning-on-the-HP-DeskJet-3520-All-i.patch
|
||||||
0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
|
0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
|
||||||
|
@ -45,6 +46,7 @@ source=(https://downloads.sourceforge.net/${pkgname}/$pkgname-$pkgver.tar.gz{,.a
|
||||||
sha512sums=('727b5a6c5b5c77571f1bc27efd493cf8177f543412fa70f0f1ff3439d6599c85985206ccb1c60dbc8bec1e23ef6b25f9030fd872c24799029ba8526b0061cc90'
|
sha512sums=('727b5a6c5b5c77571f1bc27efd493cf8177f543412fa70f0f1ff3439d6599c85985206ccb1c60dbc8bec1e23ef6b25f9030fd872c24799029ba8526b0061cc90'
|
||||||
'SKIP'
|
'SKIP'
|
||||||
'a12aaeece5285ffb86bdbc24871bf512fbc1f29da44ae51ded314378032662074a42b8aca23bebb378bf78ed15bb7f99da59bfb4cd456f3458e7a5ef42a900f8'
|
'a12aaeece5285ffb86bdbc24871bf512fbc1f29da44ae51ded314378032662074a42b8aca23bebb378bf78ed15bb7f99da59bfb4cd456f3458e7a5ef42a900f8'
|
||||||
|
'7902950fbd9affaf01b8406fb8e49648ad06a8495e76ad3c5717a6d62f415616d9cc01f31da08d14ce36acec672e3b843b790ac1e4525838ddc707ab0cb87d2f'
|
||||||
'f79b3f09d022178099f38b9eae1792396e730eb5352a03d088e6610d92b3895f3f65bb92089ce7f5b21d794f9716ceb176d29ca7283e8a48bb04cf6aba305a2f'
|
'f79b3f09d022178099f38b9eae1792396e730eb5352a03d088e6610d92b3895f3f65bb92089ce7f5b21d794f9716ceb176d29ca7283e8a48bb04cf6aba305a2f'
|
||||||
'93e29a9ef893636b2b84443e75525c4ed42531d6e68a182dfbb725c3919c77b966b5e7d9381a34d3b5853423995a7b15efb69ce3e500ec72b25b65b2ad6bd64c'
|
'93e29a9ef893636b2b84443e75525c4ed42531d6e68a182dfbb725c3919c77b966b5e7d9381a34d3b5853423995a7b15efb69ce3e500ec72b25b65b2ad6bd64c'
|
||||||
'22aeb5b851f78bc6bc62e0bc3da99fecaf42d7604af41e2f3343f8d3666541f7b06b7d1a7d0ddf24f1731ac7b12dfe582375a98e3b94dfa323d6ce954549ca67'
|
'22aeb5b851f78bc6bc62e0bc3da99fecaf42d7604af41e2f3343f8d3666541f7b06b7d1a7d0ddf24f1731ac7b12dfe582375a98e3b94dfa323d6ce954549ca67'
|
||||||
|
@ -61,6 +63,8 @@ prepare() {
|
||||||
|
|
||||||
# disable insecure update - https://bugs.archlinux.org/task/38083
|
# disable insecure update - https://bugs.archlinux.org/task/38083
|
||||||
patch -Np0 -i "${srcdir}"/disable_upgrade.patch
|
patch -Np0 -i "${srcdir}"/disable_upgrade.patch
|
||||||
|
# security issues in hpps - https://www.openwall.com/lists/oss-security/2023/11/17/1
|
||||||
|
patch -Np1 -i "${srcdir}"/0001_hppsfilter_booklet_printing_change_insecure_fixed_tm.patch
|
||||||
# add missing 'include <cups/ppd.h>' at various places
|
# add missing 'include <cups/ppd.h>' at various places
|
||||||
patch -Np1 -i "${srcdir}"/0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
|
patch -Np1 -i "${srcdir}"/0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
|
||||||
# fix some handling unicode file names FS#58412
|
# fix some handling unicode file names FS#58412
|
||||||
|
|
Loading…
Reference in a new issue