[cups.bugs] [MOD] STR #2855: DefaultAuthType without value crashes spooler

[martin.pitt.canonical]

DO NOT REPLY TO THIS MESSAGE.  INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.

[STR New]

In http://bugs.debian.org/250848, a user reported a crash of cupsd. Quote:

  "I found it segfaults instantly on startup after having used the GUI
config editor to untick the "Show printers shared by other systems"
option. This mangled the config file and lost the auth type:

Config should say:
  DefaultAuthType Basic

It actually said
  DefaultAuthType

Adding the word "Basic" fixed this."

I cannot reproduce the dropping of "Basic" (the report is against 1.3.5,
maybe it has been fixed since then), but I can easily reproduce the actual
crash:

Program received signal SIGSEGV, Segmentation fault.
#0  0x00007ff360f9abac in strcasecmp () from /lib/libc.so.6
#1  0x0000000000417ca2 in read_configuration (fp=0x6832b0) at conf.c:2739
#2  0x000000000041980e in cupsdReadConfiguration () at conf.c:605
#3  0x0000000000420f90 in main (argc=2, argv=0x7fff6acde6d8) at main.c:446

(gdb) f 1
#1  0x0000000000417ca2 in read_configuration (fp=0x6832b0) at conf.c:2739
2739	      if (!strcasecmp(value, "none"))
(gdb) l
2734	    {
2735	     /*
2736	      * DefaultAuthType {basic,digest,basicdigest,negotiate}
2737	      */
2738	
2739	      if (!strcasecmp(value, "none"))
2740		DefaultAuthType = CUPSD_AUTH_NONE;
2741	      else if (!strcasecmp(value, "basic"))
2742		DefaultAuthType = CUPSD_AUTH_BASIC;
2743	      else if (!strcasecmp(value, "digest"))
(gdb) p value
$1 = 0x0

Thus it should check value for NULL first and exit gracefully with an
error message in the log. This does work correctly for e. g. "Browsing",
this gives:

E [10/Jun/2008:21:57:48 +0200] Missing boolean value for Browsing on line
7!

and cupsd even keeps running.

Link: http://www.cups.org/str.php?L2855
Version: 1.3.7