Bug#931818: Info received (Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty)

2019-07-16 Thread Bernhard Übelacker 
Hello Jeffrey Hundstad,
your supplied backtrace would most likely look with debug symbols like this:

(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:79
#1  0x77dcbdae in __GI___strdup () at strdup.c:41
#2  0xb795 in cgiGetArray () at var.c:171
#3  0xa41c in cgi_copy () at template.c:299
#4  0xad3e in cgi_copy () at template.c:348
#5  0xa626 in cgi_copy () at template.c:602
#6  0xb0b7 in cgiCopyTemplateLang () at template.c:148
#7  0x868d in cgiShowJobs () at ipp-var.c:1506
#8  0x67c1 in main () at jobs.c:107
#9  0x77d6809b in __libc_start_main () at ../csu/libc-start.c:308
#10 0x687a in _start ()

But still, the backtrace from a gdb running at your system with
installed debug symbols would most probably show some more information,
and which name in cgiGetArray gets accessed.

Kind regards,
Bernhard

Bug#931818: Info received (Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty)

2019-07-12 Thread Bernhard Übelacker 
Hello Jeffrey Hundstad,
sorry, I forget to mention that it would help with the
backtrace if the debug symbols would be installed.
For jobs.cgi I assume this would be cups-dbgsym.

These packages are in a separate repository.
Details are about it are in this page:

https://wiki.debian.org/HowToGetABacktrace#Installing_the_debugging_symbols

Kind regards,
Bernhard

Bug#931818: Info received (Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty)

2019-07-12 Thread Hundstad, Jeffrey E 
Here's some more, but not much better:

root@systemname:/usr/share/doc/systemd-coredump# gdb 
/usr/lib/cups/cgi-bin/jobs.cgi /tmp/ooo
GNU gdb (Debian 8.2.1-2) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/cups/cgi-bin/jobs.cgi...(no debugging symbols 
found)...done.
[New LWP 26510]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/lib/cups/cgi-bin/jobs.cgi'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
65  ../sysdeps/x86_64/multiarch/strlen-avx2.S: No such file or directory.
(gdb) backtrace full
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
No locals.
#1  0x7f16d9130dae in __GI___strdup (s=0x0) at strdup.c:41
len = 
new = 
#2  0x55b36a21f41c in ?? ()
No symbol table info available.
#3  0x55b36a21fd3e in ?? ()
No symbol table info available.
#4  0x55b36a21f626 in ?? ()
No symbol table info available.
#5  0x55b36a2200b7 in ?? ()
No symbol table info available.
#6  0x55b36a21d68d in ?? ()
No symbol table info available.
#7  0x55b36a21b7c1 in ?? ()
No symbol table info available.
#8  0x7f16d90cd09b in __libc_start_main (main=0x55b36a21b670, argc=1, 
argv=0x7ffc607f86d8, init=, fini=, 
rtld_fini=, stack_end=0x7ffc607f86c8) at ../csu/libc-start.c:308
self = 
result = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -5082858722427954408, 
94229068101712, 140721927456464, 0, 0, -1303763130235512040, 
-1423866795149124840}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 
0x7ffc607f86e8, 0x7f16d9362190}, data = {prev = 0x0, cleanup = 0x0, 
  canceltype = 1618970344}}}
not_first_call = 
#9  0x55b36a21b87a in ?? ()
No symbol table info available.
(gdb) 




smime.p7s
Description: S/MIME Cryptographic Signature

Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty

2019-07-12 Thread Hundstad, Jeffrey E 
This is what I was able to find after the systemd-coredump was installed:


Jul 12 16:11:45 systemname kernel: jobs.cgi[26510]: segfault at 0 ip
7f16d9205181 sp 7ffc607f5798 error 4 in
libc-2.28.so[7f16d90cb000+148000]
Jul 12 16:11:45 systemname kernel: Code: 84 00 00 00 00 00 0f 1f 00 31
c0 c5 f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 89 f9 48 89 fa c5 f9 ef c0
83 e1 3f 83 f9 20 77 1f  fd 74 0f c5 fd d7 c1 85 c0 0f 85 df 00 00
00 48 83 c7 20 83 e1
Jul 12 16:11:45 systemname systemd[1]: Created slice
system-systemd\x2dcoredump.slice.
Jul 12 16:11:45 systemname systemd[1]: Started Process Core Dump (PID
26511/UID 0).
Jul 12 16:11:46 systemname systemd-coredump[26512]: Process 26510
(jobs.cgi) of user 7 dumped core.
   
 Stack trace of thread
26510:
 #0  0x7f16d9205181
n/a (libc.so.6)
 #1  0x7f16d9130dae
__strdup (libc.so.6)
 #2  0x55b36a21f41c
n/a (jobs.cgi)
 #3  0x55b36a21fd3e
n/a (jobs.cgi)
 #4  0x55b36a21f626
n/a (jobs.cgi)
 #5  0x55b36a2200b7
n/a (jobs.cgi)
 #6  0x55b36a21d68d
n/a (jobs.cgi)
 #7  0x55b36a21b7c1
n/a (jobs.cgi)
 #8  0x7f16d90cd09b
__libc_start_main (libc.so.6)
 #9  0x55b36a21b87a
n/a (jobs.cgi)
Jul 12 16:11:46 systemname systemd[1]:
systemd-coredump@0-26511-0.service: Succeeded.



smime.p7s
Description: S/MIME Cryptographic Signature

Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty

2019-07-12 Thread Bernhard Übelacker 
Hello Jeffrey Hundstad,
just looking at some crashes in some random packages,
I just tried to reproduce this issue inside a minimal qemu VM.
But hit just the line "Couldn't open...", not the segfault.
Also with a simple test printer configured and a test page job.

If it is possible you could install the package systemd-coredump.
Then journalctl should provide a backtrace for the crashing
process that could be forwarded to this bug.

Kind regards,
Bernhard

Bug#931818: cups: Jobs webpage /usr/lib/cups/cgi-bin/jobs.cgi segfault after package login removes /etc/securetty

2019-07-10 Thread Jeffrey Hundstad 
Package: cups
Version: 2.2.10-6
Severity: normal

Dear Maintainer,

Before the upgrade of login to 1:4.7-1 the "Jobs" webpage at
http://localhost:631/jobs/ worked as expected.  Since the upgrade I see the
following in the kernel log and jobs details fails with only the ID showing, no 
details and no way to act on that job.

Jul 10 14:30:55 systemname cupsd[13174]: pam_unix(cups:auth): Couldn't open 
/etc/securetty: No such file or directory
Jul 10 14:30:55 systemname cupsd[13174]: pam_unix(cups:auth): Couldn't open 
/etc/securetty: No such file or directory
Jul 10 14:30:55 systemname kernel: jobs.cgi[14724]: segfault at 0 ip 
7f1d61a91181 sp 7ffdd76fa908 error 4 in 
libc-2.28.so[7f1d61957000+148000]
Jul 10 14:30:55 systemname kernel: Code: 84 00 00 00 00 00 0f 1f 00 31 c0 c5 f8 
77 c3 66 2e 0f 1f 84 00 00 00 00 00 89 f9 48 89 fa c5 f9 ef c0 83 e1 3f 83 f9 
20 77 1f  fd 74 0f c5 fd d7 c1 85 c0 0f 85 df 00 00 00 48 83 c7 20 

I can confirm that /etc/securetty is no longer on my system.  I took a look at 
/usr/share/doc/login/changelog.Debian.gz:
  [ Balint Reczey ]
...
  * Clean up /etc/securetty properly on upgrade

I suspect this is the cause, but still.  I don't believe the segfault is the 
right behavior either.


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cups depends on:
ii  cups-client2.2.10-6
ii  cups-common2.2.10-6
ii  cups-core-drivers  2.2.10-6
ii  cups-daemon2.2.10-6
ii  cups-filters   1.21.6-5
ii  cups-ppdc  2.2.10-6
ii  cups-server-common 2.2.10-6
ii  debconf [debconf-2.0]  1.5.72
ii  ghostscript9.27~dfsg-2
ii  libavahi-client3   0.7-4+b1
ii  libavahi-common3   0.7-4+b1
ii  libc6  2.28-10
ii  libcups2   2.2.10-6
ii  libcupsimage2  2.2.10-6
ii  libgcc11:9.1.0-8
ii  libstdc++6 9.1.0-8
ii  libusb-1.0-0   2:1.0.22-2
ii  poppler-utils  0.71.0-5
ii  procps 2:3.3.15-2

Versions of packages cups recommends:
ii  avahi-daemon 0.7-4+b1
ii  colord   1.4.3-4
ii  cups-filters [ghostscript-cups]  1.21.6-5
ii  printer-driver-gutenprint5.3.1-7

Versions of packages cups suggests:
ii  cups-bsd   2.2.10-6
pn  cups-pdf   
ii  foomatic-db20181217-2
pn  hplip  
ii  printer-driver-hpcups  3.18.12+dfsg0-2
ii  smbclient  2:4.9.11+dfsg-1
ii  udev   241-6

-- debconf information:
  cupsys/backend: lpd, socket, usb, snmp, dnssd
  cupsys/raw-print: true