When I start cups-browsed, this happens: Thread 1 "cups-browsed" received signal SIGSEGV, Segmentation fault. 0x00007ffff7b9f7e9 in ppdCreateFromIPP2 ( buffer=0x7fffffffbd80 "/tmp/009a45f9b9a02", bufsize=<optimized out>, response=0x55555564edc0, make_model=<optimized out>, pdl=<optimized out>, color=1, duplex=1, conflicts=0x0, sizes=0x555555752fa0, default_pagesize=0x0, default_cluster_color=0x0) at cupsfilters/ppdgenerator.c:2227 2227 *suffix = '\0'; (gdb) print (char*)&ppdname $76 = 0x7fffffff9290 "A4" The code is trying to remove a ".Borderless" suffix from a name that doesn't have one, and this leads to a null pointer dereference. (BTW I believe "sizes" is null on entry to this function and gets set later.) I don't know how this comes about - if you need me to generate any more debug data about the printer which is trying to be added, please let me know what to do. Version tested: cups-filters-libs-1.28.2-2.fc32.x86_64
Hi Ian, thank you for reporting the issue! Actually I'm investigating this issue in https://bugzilla.redhat.com/show_bug.cgi?id=1881365 , would you mind joining the discussion there? I reached the same conclusion as you and provided unofficial hotfix for the original reporter, but I'm still not sure how the execution got there. The original reporter doesn't seem to have much time to debug, so would you mind providing the info mentioned in the ticket? You will need to find out the value of 'uri' variable in 'update_cups_queues()' function, when the segfault happens, and then update GDB script attached to the ticket accordingly. I'm not sure how experienced you are with debugging in GDB, so if you need my help with it, please let me know. *** This bug has been marked as a duplicate of bug 1881365 ***