Bug 447200

Summary: cups has a segmentation violation when banners are selected
Product: [Fedora] Fedora Reporter: Joe Nall <joe>
Component: cupsAssignee: Tim Waugh <twaugh>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 9CC: john.m.weekley
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 1.3.7-8.fc9 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-07-09 02:44:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
cups error log none

Description Joe Nall 2008-05-18 19:14:30 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; en-us) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.1 Safari/525.18

Description of problem:
Printing security related banner pages crashes cups.

May 18 10:38:10 comms kernel: cupsd[2544]: segfault at 3768 ip b801a9c8 sp bff4bd20 error 4 in cupsd[b7ff5000+64000]
May 18 10:40:18 comms kernel: cupsd[3894]: segfault at 3768 ip b7f549c8 sp bfd87790 error 4 in cupsd[b7f2f000+64000]
May 18 10:41:47 comms kernel: cupsd[4183]: segfault at 3768 ip b7f529c8 sp bfb83540 error 4 in cupsd[b7f2d000+64000]


Version-Release number of selected component (if applicable):
cups-1.3.7-2.fc9.i386

How reproducible:
Always


Steps to Reproduce:
1. system-config-printer
2. specify mls or selinux banner page
3. apply
4. print test page

Actual Results:
/var/log/messages shows cups segfault

Expected Results:
Banner page :)

Additional info:
Running current SELinux MLS policy

cups-libs-1.3.7-2.fc9.i386
cups-1.3.7-2.fc9.i386
cups-devel-1.3.7-2.fc9.i386
Comment 1 Tim Waugh 2008-05-22 10:03:56 UTC 
I haven't been able to reproduce this problem.

Please enable cupsd debugging like this:

  service cups restartlog
  cupsctl --debug-logging

and try again.  When cupsd segfaults again, please attach the
/var/log/cups/error_log file to this bug report.  Thanks.
Comment 2 John Weekley 2008-05-28 00:14:30 UTC 
Created attachment 306858 [details]
cups error log
Comment 3 Tim Waugh 2008-05-28 07:55:16 UTC 
Thanks, problem understood.  Working on a solution.
Comment 4 Fedora Update System 2008-05-28 09:53:19 UTC 
cups-1.3.7-3.fc9 has been submitted as an update for Fedora 9
Comment 5 Christopher Hailey 2008-05-28 16:20:28 UTC 
copy_banner is being called with the first parameter as NULL, copy_banner does
not check for this.

0xb8098ad8 in copy_banner (con=0x0, job=0xb9057868, 
    name=0xb9025160 "classified") at ipp.c:4285
4285      if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0)
Missing separate debuginfos, use: debuginfo-install cups.i386
(gdb) p con
$1 = (cupsd_client_t *) 0x0
(gdb) where
#0  0xb8098ad8 in copy_banner (con=0x0, job=0xb9057868, 
    name=0xb9025160 "classified") at ipp.c:4285
#1  0xb80996c8 in cupsdTimeoutJob (job=0xb9057868) at ipp.c:792
#2  0xb809d37d in print_job (con=0xb9053e40, uri=0xb90576b0) at ipp.c:8006
#3  0xb80abc22 in cupsdProcessIPPRequest (con=0xb9053e40) at ipp.c:502
#4  0xb80857fc in cupsdReadClient (con=0xb9053e40) at client.c:2253
#5  0xb80bfab2 in cupsdDoSelect (timeout=1) at select.c:537
#6  0xb8096aa4 in main (argc=2, argv=0xbf9d61d4) at main.c:817

  792     if ((kbytes = copy_banner(NULL, job, attr->values[1].string.text)) < 0
Comment 6 Fedora Update System 2008-05-31 02:14:43 UTC 
cups-1.3.7-5.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update cups'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-4744
Comment 7 Fedora Update System 2008-06-06 07:45:08 UTC 
cups-1.3.7-6.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update cups'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-4744
Comment 8 Fedora Update System 2008-06-17 11:47:29 UTC 
cups-1.3.7-3.fc8 has been submitted as an update for Fedora 8
Comment 9 Fedora Update System 2008-06-18 03:16:11 UTC 
cups-1.3.7-7.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update cups'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-4744
Comment 10 Fedora Update System 2008-07-09 02:44:24 UTC 
cups-1.3.7-8.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2008-07-09 02:51:41 UTC 
cups-1.3.7-4.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.