Bug 186686

Summary: lpq crashes
Product: [Fedora] Fedora Reporter: Bart Vanbrabant <bart.vanbrabant>
Component: cupsAssignee: Tim Waugh <twaugh>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 1.2-0.2.rc1.2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-28 17:09:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bart Vanbrabant 2006-03-25 12:20:37 UTC 
Description of problem:
When passing any argument to the -h option of lpq, it crashes with 
*** glibc detected *** lpq: double free or corruption (!prev): 0x08558770 ***


Version-Release number of selected component (if applicable):
cups-1.2-0.1.b2.6

How reproducible:
lpq -h string
with string any string except nothing

Steps to Reproduce:
1. lpq -h string
2.
3.
  
Actual results:
lpq: Unknown
*** glibc detected *** lpq: double free or corruption (!prev): 0x08558770 ***
======= Backtrace: =========
/lib/libc.so.6[0x97cf18]
/lib/libc.so.6(__libc_free+0x79)[0x98041d]
/usr/lib/libcups.so.2(httpAddrFreeList+0x30)[0xe397c0]
/usr/lib/libcups.so.2(httpClose+0x33)[0xe37743]
lpq[0x8049218]
/lib/libc.so.6(__libc_start_main+0xdc)[0x92e7e4]
lpq[0x8048cb1]
======= Memory map: ========
00259000-0026a000 r-xp 00000000 fd:00 366840     /lib/libnsl-2.4.so
0026a000-0026b000 r-xp 00010000 fd:00 366840     /lib/libnsl-2.4.so
0026b000-0026c000 rwxp 00011000 fd:00 366840     /lib/libnsl-2.4.so
0026c000-0026e000 rwxp 0026c000 00:00 0
00381000-0038a000 r-xp 00000000 fd:00 3506999    /lib/libnss_files-2.4.so
0038a000-0038b000 r-xp 00008000 fd:00 3506999    /lib/libnss_files-2.4.so
0038b000-0038c000 rwxp 00009000 fd:00 3506999    /lib/libnss_files-2.4.so
007fe000-00809000 r-xp 00000000 fd:00 360457     /lib/libgcc_s-4.1.0-20060304.so.1
00809000-0080a000 rwxp 0000a000 fd:00 360457     /lib/libgcc_s-4.1.0-20060304.so.1
008fb000-008fc000 r-xp 008fb000 00:00 0          [vdso]
008fc000-00915000 r-xp 00000000 fd:00 364715     /lib/ld-2.4.so
00915000-00916000 r-xp 00018000 fd:00 364715     /lib/ld-2.4.so
00916000-00917000 rwxp 00019000 fd:00 364715     /lib/ld-2.4.so
00919000-00a45000 r-xp 00000000 fd:00 366839     /lib/libc-2.4.so
00a45000-00a48000 r-xp 0012b000 fd:00 366839     /lib/libc-2.4.so
00a48000-00a49000 rwxp 0012e000 fd:00 366839     /lib/libc-2.4.so
00a49000-00a4c000 rwxp 00a49000 00:00 0
00a7b000-00a8d000 r-xp 00000000 fd:00 3814158    /usr/lib/libz.so.1.2.3
00a8d000-00a8e000 rwxp 00011000 fd:00 3814158    /usr/lib/libz.so.1.2.3
00b31000-00b41000 r-xp 00000000 fd:00 367455     /lib/libpthread-2.4.so
00b41000-00b42000 r-xp 0000f000 fd:00 367455     /lib/libpthread-2.4.so
00b42000-00b43000 rwxp 00010000 fd:00 367455     /lib/libpthread-2.4.so
00b43000-00b45000 rwxp 00b43000 00:00 0
00e23000-00e57000 r-xp 00000000 fd:00 3809353    /usr/lib/libcups.so.2
00e57000-00e59000 rwxp 00033000 fd:00 3809353    /usr/lib/libcups.so.2
0527f000-05284000 r-xp 00000000 fd:00 366844     /lib/libcrypt-2.4.so
05284000-05285000 r-xp 00004000 fd:00 366844     /lib/libcrypt-2.4.so
05285000-05286000 rwxp 00005000 fd:00 366844     /lib/libcrypt-2.4.so
05286000-052ad000 rwxp 05286000 00:00 0
05459000-0545c000 r-xp 00000000 fd:00 3809147    /usr/lib/libgpg-error.so.0.1.4
0545c000-0545d000 rwxp 00002000 fd:00 3809147    /usr/lib/libgpg-error.so.0.1.4
054e2000-05535000 r-xp 00000000 fd:00 3809154    /usr/lib/libgcrypt.so.11.2.1
05535000-05537000 rwxp 00053000 fd:00 3809154    /usr/lib/libgcrypt.so.11.2.1
05555000-055ca000 r-xp 00000000 fd:00 3817634    /usr/lib/libgnutls.so.12.3.7
055ca000-055d0000 rwxp 00074000 fd:00 3817634    /usr/lib/libgnutls.so.12.3.7
08048000-0804b000 r-xp 00000000 fd:00 3809052    /usr/bin/lpq.cups
0804b000-0804c000 rw-p 00002000 fd:00 3809052    /usr/bin/lpq.cups
0853b000-0857f000 rw-p 0853b000 00:00 0          [heap]
b7d00000-b7d21000 rw-p b7d00000 00:00 0
b7d21000-b7e00000 ---p b7d21000 00:00 0
b7efb000-b7efe000 rw-p b7efb000 00:00 0
b7f0f000-b7f12000 rw-p b7f0f000 00:00 0
bfaf4000-bfb11000 rw-p bfaf4000 00:00 0          [stack]
Aborted

Expected results:
lpq: Unknown

Additional info:
Comment 1 Tim Waugh 2006-03-27 11:41:51 UTC 
Thanks for the report.  I've passed this to the developers:

http://cups.org/str.php?L1515
Comment 2 Tim Waugh 2006-03-28 17:09:34 UTC 
Fixed in cups-1.2-0.2.rc1.2.