[cups] cupsd 2.0.3 SIGSEGV on Solaris SPARC 64bit

Michael Sweet msweet at apple.com
Fri Jan 22 08:50:40 PST 2016 

Matthias,

The backtrace shows a NULL content type being logged, and Solaris' vsnprintf function doesn't handle NULL string pointers like it should (namely, substituting "(null)" for a crash).  This is a side-effect of not supporting modern POSIX and C99 standards... :/

Newer CUPS releases use their own vsnprintf implementation to avoid this issue on Solaris and other legacy platforms...

(so the solution here is to update to CUPS 2.1.0 or later)


> On Jan 22, 2016, at 11:29 AM, Matthias Apitz <guru at unixarea.de> wrote:
> 
> El día Friday, January 22, 2016 a las 11:14:41AM -0500, Michael Sweet escribió:
> 
>> Matthias,
>> 
>>> On Jan 22, 2016, at 3:54 AM, Matthias Apitz <guru at unixarea.de> wrote:
>>> ...
>>> I say this, because I now have exactly such crashes with cupsd, see
>>> below a concrete situation where the browser is contacting port 631.
>>> 
>>> Has someone here from the list the cupsd compiled for 64 bit?
>> 
>> cupsd has been compiled for 64-bit since the early days of CUPS (1997/1998).
>> 
>> We shipped cupsd 64-bit on IRIX from the beginning, and have been shipping it 64-bit on OS X since 10.6. Every Linux distribution for 64-bit architectures ships a 64-bit build of cupsd.
>> 
>> So I don't think this is a 64-bit issue.
>> 
>> A debug backtrace showing where the segfault occurs would be the best way to diagnose the problem here...
> 
> Here we go:
> 
> (gdb) c
> Continuing.
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0xffffffff7d33c7f0 in strlen () from /lib/64/libc.so.1
> (gdb) bt
> #0  0xffffffff7d33c7f0 in strlen () from /lib/64/libc.so.1
> #1  0xffffffff7d3acdd0 in _ndoprnt () from /lib/64/libc.so.1
> #2  0xffffffff7d3af63c in vsnprintf () from /lib/64/libc.so.1
> #3  0x0000000100029808 in format_log_line ( message=message at entry=0xffffffff7fffef88 "[Client 3]
>    cupsdSendHeader: code=%d, type=\"%s\", auth_type=%d", ap=0xffffffff7ffff428) at log.c:1158
> #4  0x000000010002abf4 in cupsdLogClient (con=con at entry=0x1001ca1a0, level=level at entry=8, 
>    message=0x10004a4b0 "cupsdSendHeader: code=%d, type=\"%s\", auth_type=%d") at log.c:468
> #5  0x00000001000100e4 in cupsdSendHeader (con=con at entry=0x1001ca1a0, 
>    code=code at entry=HTTP_STATUS_OK, type=type at entry=0x0, auth_type=auth_type at entry=0)
>    at client.c:2311
> #6  0x0000000100010c50 in cupsdWriteClient (con=0x1001ca1a0) at client.c:2681
> #7  0x000000010003534c in cupsdDoSelect (timeout=timeout at entry=1) at select.c:581
> #8  0x000000010004830c in main (argc=<optimized out>, argv=<optimized out>) at main.c:786
> 
> 	matthias
> 
> -- 
> Matthias Apitz, ✉ guru at unixarea.de, ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
> UNIX since V7 on PDP-11 | UNIX on mainframe since ESER 1055 (IBM /370)
> UNIX on x86 since SVR4.2 UnixWare 2.1.2 | FreeBSD since 2.2.5
> _______________________________________________
> cups mailing list
> cups at cups.org
> https://www.cups.org/mailman/listinfo/cups

_________________________________________________________
Michael Sweet, Senior Printing System Engineer

More information about the cups mailing list