No longer support backslash, question mark, or quotes in printer names (Issue #4966)

author: Michael R Sweet <michaelrsweet@gmail.com> 2017-11-01 12:27:58 -0400
committer: Michael R Sweet <michaelrsweet@gmail.com> 2017-11-01 12:27:58 -0400
commit: f1547f121cd10de60d57248a9de6df3982f451c4 (patch)
tree: 1d05c4299108dba8fa35f28aa8d58d3f9901913c /cgi-bin
parent: d0df9cd33768b02cf5327c9d625568d21ced0297 (diff)
download: cups-f1547f121cd10de60d57248a9de6df3982f451c4.tar.gz
1 files changed, 2 insertions, 5 deletions
diff --git a/cgi-bin/admin.c b/cgi-bin/admin.c
index cfdf3ff01..179a8d68e 100644
--- a/cgi-bin/admin.c
+++ b/cgi-bin/admin.c
@@ -695,16 +695,13 @@ do_am_printer(http_t *http,		/* I - HTTP connection */
   if ((name = cgiGetVariable("PRINTER_NAME")) != NULL)
   {
     for (ptr = name; *ptr; ptr ++)
-      if ((*ptr >= 0 && *ptr <= ' ') || *ptr == 127 || *ptr == '/' || *ptr == '#')
+      if ((*ptr >= 0 && *ptr <= ' ') || *ptr == 127 || *ptr == '/' || *ptr == '\\' || *ptr == '?' || *ptr == '\'' || *ptr == '\"' || *ptr == '#')
 	break;
 
     if (*ptr || ptr == name || strlen(name) > 127)
     {
       cgiSetVariable("ERROR",
-		     cgiText(_("The printer name may only contain up to "
-			       "127 printable characters and may not "
-			       "contain spaces, slashes (/), or the "
-			       "pound sign (#).")));
+		     cgiText(_("The printer name may only contain up to 127 printable characters and may not contain spaces, slashes (/ \\), quotes (' \"), question mark (?), or the pound sign (#).")));
       cgiStartHTML(title);
       cgiCopyTemplateLang("error.tmpl");
       cgiEndHTML();
author	Michael R Sweet <michaelrsweet@gmail.com>	2017-11-01 12:27:58 -0400
committer	Michael R Sweet <michaelrsweet@gmail.com>	2017-11-01 12:27:58 -0400
commit	f1547f121cd10de60d57248a9de6df3982f451c4 (patch)
tree	1d05c4299108dba8fa35f28aa8d58d3f9901913c /cgi-bin
parent	d0df9cd33768b02cf5327c9d625568d21ced0297 (diff)
download	cups-f1547f121cd10de60d57248a9de6df3982f451c4.tar.gz