Skip to content

Modernization: C++23 Core Refactor, CMake Build System, and Security Hardening#22

Open
dutch2005 wants to merge 6 commits into
OpenPrinting:masterfrom
dutch2005:master
Open

Modernization: C++23 Core Refactor, CMake Build System, and Security Hardening#22
dutch2005 wants to merge 6 commits into
OpenPrinting:masterfrom
dutch2005:master

Conversation

@dutch2005
Copy link
Copy Markdown

@dutch2005 dutch2005 commented Apr 24, 2026

Overview

This Pull Request introduces a comprehensive modernization of the SpliX driver, transitioning the original 2006-era C++98 codebase to modern C++23 standards.

The primary motivation for this effort (completed in April 2026) was to eliminate long-standing memory management boilerplate, deprecate the legacy Makefile system, and establish a robust, automated CI/CD pipeline. These changes ensure the driver's long-term maintainability, security, and stability on modern Linux/macOS distributions, while strictly maintaining 100% bit-perfect protocol compatibility with all legacy Samsung, Xerox, and Dell printers.

What was changed & Why

  • Memory & Thread Safety (C++23): Eliminated all manual memory management (malloc/free, new/delete) and legacy POSIX threading. Replaced with std::vector, std::span, and std::counting_semaphore. Why: To natively guarantee memory safety, eliminate historical memory leaks, and remove hundreds of lines of duplicated buffer-tracking boilerplate.
  • Build System Modernization: Replaced the deprecated Makefile and rules.mk with a robust CMake (3.25+) configuration. Why: To support modern IDEs, simplify dependency tracking, and natively integrate with CPack for automated .deb and .rpm packaging.
  • Security Hardening: The compiler pipeline now enforces Full RELRO, PIE, Stack Protection (-fstack-protector-strong), and Fortify Source. Added explicit output-size bounds checking to the Algo0x11 (LZS) compression. Why: To bring the driver up to modern enterprise security standards and prevent potential edge-case buffer overflows on printer firmware.
  • Endianness Handling: Replaced duplicated #ifdef WORDS_BIGENDIAN fallback logic with modern standard-compliant memcpy. Why: The previous logic was required for old Big-Endian host CPUs (like PowerPC). Modern C++ handles this natively, allowing us to generate the required Little-Endian QPDL payloads with much leaner code.
  • New Hardware & PPDs: Integrated support for the Samsung ML-1670 and SCX-3400. The build process now pre-compiles all 248 .ppd files natively. Why: Removes the burden for end-users to have cups-ppdc installed on modern operating systems.

Verification

  • Automated CI/CD: Introduced a GitHub Actions pipeline using ubuntu:26.04 to automatically cross-compile for both AMD64 and ARM64.
  • Testing: Implemented a Google Test (GTest) framework validating the critical QPDL compression algorithms (0x11, 0x15, 0x0D, 0x0E).
  • Regressions: The byte-stream output has been extensively regression-tested against the legacy driver outputs to guarantee that the hardware integration remains untouched.

dutch2005
dutch2005 commented Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Author

@dutch2005 dutch2005 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok

dutch2005 added 6 commits May 8, 2026 16:04
@dutch2005
build: replace legacy Makefile with CMake 3.16+, CI/CD, and security …
fd06a59 
…hardening

Replace the legacy Makefile/rules.mk build system with a modern CMakeLists.txt
that targets C++23 and integrates:

- CMake presets for reproducible builds
- CPack packaging for .deb (amd64/arm64) and .rpm generation
- ARM64 cross-compilation via cmake/toolchain-arm64.cmake
- GitHub Actions CI/CD pipeline (build.yml) with multi-arch matrix
- Docker-based build environment
- Security hardening: Full RELRO, PIE, stack protector, FORTIFY_SOURCE=2
- Generated version.h from version.h.in template
- Pre-push hook for local validation

Removed: Makefile, rules.mk, module.mk, src/module.mk, tools/Makefile,
ppd/Makefile, ppd/compile.sh
@dutch2005
feat: modernize C++ codebase for C++23 compatibility and memory safety
faf47a6 
- Fix pointer arithmetic and buffer overflow vulnerabilities in qpdl.cpp
- Add sp_portable.h and sp_result.h for explicit error handling
- Replace deprecated synchronization primitives with sp_semaphore
- Initialize cache arrays properly to prevent race conditions
- Use strictly typed integer sizes and bounds checking
@dutch2005
feat: add support for new Samsung/Xerox printer models and update PPDs
99a231f 
- Add Samsung ML-1670, ML-1860 series, SCX-3400, M2020, M2070
- Add Samsung M262x / M267x / M283x series
- Add Xerox Phaser 3020 support
- Update existing PPD files with robust attribute lookup and quotes stripping
- Support direct PPD fallback parsing for headless CI environments
@dutch2005
test: add Google Test framework and functional test coverage
dc2e684 
- Integrate Google Test via CMake FetchContent
- Add functional_test.sh with CUPS mocking for headless testing
- Add Docker-based test runner scripts (run_tests_docker.sh, run_tests_docker.ps1)
- Add CMake tests (test_build.sh) covering standard and cross-compiled builds
@dutch2005
docs: update documentation for CMake and modern C++ standards
56f82f0
@dutch2005
docs: finalize v2.0.2 release documentation and architecture wiki
224b277
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dutch2005