[cups.bugs] [CRIT] STR #4108: CUPS daemon crashes after logging "Closing on unknown HTTP state 0"
Ged Haywood
cups at jubileegroup.co.uk
Sun May 27 08:22:59 PDT 2012
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR New]
I have listed this as a non-security issue on your Web form, but as it
seemingly involves incorrectly accessed data it would not be surprising if
there were in fact security implications.
The Web form insists on having a CUPS version number but this report
applies to multiple released versions of CUPS including at least 1.4.4,
1.5.0 and 1.5.2.
Symptoms:
The CUPS daemon crashes under certain circumstances which appear to be
related an HTTP request. The error log contains a message similar to
this:
D [24/May/2012:20:48:43 +0100] cupsdWriteClient: -986319504 Closing on
unknown HTTP state 0
This particular message was taken from CUPS 1.4.4 on Debian Squeeze, but
the same thing happens to others using at least CUPS 1.5.0 and 1.5.2 on
Ubuntu, see for example
http://markmail.org/message/oadfxfoho3upzv2d#query:+page:1+mid:62xt56uvh2z6ay4u+state:results
The exact conditions to reproduce the issue are not clear (at least to me,
as yet) but it appears to be conclusively a software fault related to HTTP
requests. In my example, the daemon had been running for six days nine
hours before the crash. Here is a longer extract from the error log:
D [24/May/2012:20:48:43 +0100] cupsdReadClient: 12 GET / HTTP/1.1
D [24/May/2012:20:48:43 +0100] cupsdSetBusyState: Active clients
D [24/May/2012:20:48:43 +0100] cupsdAuthorize: No authentication data
provided.
D [24/May/2012:20:48:43 +0100] cupsdReadClient: 12 Closing on EOF
D [24/May/2012:20:48:43 +0100] cupsdCloseClient: 12
D [24/May/2012:20:48:43 +0100] cupsdSetBusyState: Not busy
D [24/May/2012:20:48:43 +0100] cupsdWriteClient: -986319504 Closing on
unknown HTTP state 0
D [24/May/2012:20:48:43 +0100] cupsdCloseClient: -1029851736
The daemon appears to crash less than one second of the HTTP GET request
as can be seen above.
After the crash, the PID file created when the daemon was started still
exists, but the daemon is no longer running.
Notes:
Configuration files are available privately if required.
Link: http://www.cups.org/str.php?L4108
Version: 1.5.2
More information about the cups
mailing list