Bug 1184364

Summary: Xnest/Xephyr Unsupported printf directive '*' in log.c:467
Product: Red Hat Enterprise Linux 7 Reporter: Tomas Pelka <tpelka>
Component: xorg-x11-serverAssignee: Adam Jackson <ajax>
Status: CLOSED ERRATA QA Contact: Desktop QE <desktop-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.1CC: ofourdan
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: xorg-x11-server-1.17.2-2.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1184365 (view as bug list) Environment:
Last Closed: 2015-11-19 04:24:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1184365    

Description Tomas Pelka 2015-01-21 08:26:30 UTC 
Description of problem:
When trying to connect to XDMCP via Xnest or Xephyr they both crash immediately, see the log below. 

Version-Release number of selected component (if applicable):
xorg-x11-server-Xephyr-1.15.0-31.el7
xorg-x11-server-Xnest-1.15.0-31.el7

How reproducible:
100%

Steps to Reproduce:
1. kdm --nodeamon with enabled Xdmcp running, 177 udp port opened, firewall down
2. [Xephyr|Xnest] :99 -query i386-6c-m1.ss.eng.bos.redhat.com
3.

Actual results:
    Xephyr -query i386-6c-m1.ss.eng.bos.redhat.com :99
    Initializing built-in extension Generic Event Extension
    Initializing built-in extension SHAPE
    Initializing built-in extension MIT-SHM
    Initializing built-in extension XInputExtension
    Initializing built-in extension XTEST
    Initializing built-in extension BIG-REQUESTS
    Initializing built-in extension SYNC
    Initializing built-in extension XKEYBOARD
    Initializing built-in extension XC-MISC
    Initializing built-in extension XINERAMA
    Initializing built-in extension XFIXES
    Initializing built-in extension RENDER
    Initializing built-in extension RANDR
    Initializing built-in extension COMPOSITE
    Initializing built-in extension DAMAGE
    Initializing built-in extension MIT-SCREEN-SAVER
    Initializing built-in extension DOUBLE-BUFFER
    Initializing built-in extension RECORD
    Initializing built-in extension DPMS
    Initializing built-in extension Present
    Initializing built-in extension X-Resource
    Initializing built-in extension XVideo
    Initializing built-in extension XVideo-MotionCompensation
    Initializing built-in extension SELinux
    Initializing built-in extension GLX
    (EE)
    Fatal server error:
    (EE) (EE) BUG: triggered 'if (f[f_idx])'
    (EE) BUG: log.c:467 in pnprintf()
    (EE) Unsupported printf directive '*'
    (EE)
    (EE) Backtrace:
    (EE) 0: Xephyr (xorg_backtrace+0x55) [0x583f95]
    (EE) 1: Xephyr (LogVMessageVerbSigSafe+0x875) [0x58f1d5]
    (EE) 2: Xephyr (FatalError+0xea) [0x58f4ca]
    (EE) 3: Xephyr (0x400000+0x19163b) [0x59163b]
    (EE) 4: Xephyr (0x400000+0x191c4d) [0x591c4d]
    (EE) 5: Xephyr (WakeupHandler+0x6d) [0x44c4bd]
    (EE) 6: Xephyr (WaitForSomething+0x1cf) [0x58193f]
    (EE) 7: Xephyr (0x400000+0x47751) [0x447751]
    (EE) 8: Xephyr (0x400000+0x4b95a) [0x44b95a]
    (EE) 9: /lib64/libc.so.6 (__libc_start_main+0xf5) [0x7f5e05519af5]
    (EE) 10: Xephyr (0x400000+0x268e1) [0x4268e1]
    (EE)
    XDMCP fatal error: Manager unwilling %*.*s
    (EE)


Expected results:
should not crash on client site

Additional info:
rhel7, rhel6 and Fedora affected too
Comment 4 Olivier Fourdan 2015-03-27 13:59:59 UTC 
A fix upstream for this has just been merged in xserver master:

> Jon TURNEY (13):
> [...]
>       os: Teach vpnprintf() how to handle "%*.*s"
> [...]

http://lists.x.org/archives/xorg-devel/2015-March/045974.html
Comment 5 Adam Jackson 2015-06-30 14:57:06 UTC 
Said patch was merged in xserver 1.17.2.
Comment 8 errata-xmlrpc 2015-11-19 04:24:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2015-2198.html