
Bug#820474: cups-filters: texttopdf seg faults if comment in prettyprinted source file ends with keyword



Package: cups-filters
Version: 1.0.61-5+deb8u3
Severity: normal
Tags: patch

Dear Maintainer,

   * What led up to the situation?

   Occasionally, prettyprinting files using CUPS results in a hung
   print job and no output.  A recent small example occurred which
   allowed creation of a small test case to demonstrate the problem.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

   $ echo "//if" > a.c
   $ lpr -p a.c

   * What was the outcome of this action?

   No output on printer, print job gets stuck in queue.

   * What outcome did you expect instead?

   Pretty printed version of the above one line file.

Some digging in the cups log files revealed that
/usr/lib/cups/filter/texttopdf seg faults.  The error can be
reproduced directly with the following command:

   $ echo "//if" | CONTENT_TYPE=application/x-csource /usr/lib/cups/filter/texttopdf 123 username a.c 1 "prettyprint" > a.c.pdf

Debugging with gdb, the local array "names", having 3 elements, in
filters/texttopdf.c:write_font_str is being indexed with a value of 3
because both bold and italic are active at the newline.

In filters/textcommon.c there are four places that look up keywords,
only one ensures that italics are not active when searching for a
keyword:

	      if (!(attr & ATTR_ITALIC) &&
	          bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
	                  compare_keywords))

The attached patch adds the attribute check to the other three
searches which prevents the seg fault - that is, texttopdf runs to
completion and generates a printable PDF.

-- System Information:
Debian Release: 8.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cups-filters depends on:
ii  bc                         1.06.95-9
ii  cups-filters-core-drivers  1.0.61-5+deb8u3
ii  ghostscript                9.06~dfsg-2+deb8u1
ii  libc6                      2.19-18+deb8u4
ii  libcups2                   1.7.5-11+deb8u1
ii  libcupsfilters1            1.0.61-5+deb8u3
ii  libcupsimage2              1.7.5-11+deb8u1
ii  libfontconfig1             2.11.0-6.3
ii  libfontembed1              1.0.61-5+deb8u3
ii  libgcc1                    1:4.9.2-10
ii  libijs-0.35                0.35-10
ii  liblcms2-2                 2.6-3+b3
ii  libpoppler46               0.26.5-2
ii  libqpdf13                  5.1.2-2
ii  libstdc++6                 4.9.2-10

Versions of packages cups-filters recommends:
ii  colord  1.2.1-1+b2

Versions of packages cups-filters suggests:
pn  foomatic-db-compressed-ppds | foomatic-db  <none>

-- no debconf information
--- cups-filters-1.0.61/filter/textcommon.c	2016-04-08 10:48:07.000000000 -0700
+++ /tmp/cups-filters-1.0.61/filter/textcommon.c	2016-04-08 10:37:26.000000000 -0700
@@ -735,7 +735,8 @@
 	    *keyptr = '\0';
 	    keyptr  = keyword;
 
-	    if (bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
+	    if (!(attr & ATTR_ITALIC) &&
+		bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
 	                compare_keywords))
             {
 	     /*
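Review bot: The guard stops the keyword lookup while ATTR_ITALIC is set, but the out-of-bounds index the report traces to filters/texttopdf.c:write_font_str (a 3-element `names` array indexed with 3 when bold and italic are both active) is still reachable from any other path that sets both bits; bounds-checking or mapping that index in write_font_str as well would turn a future recurrence into a wrong font rather than a segfault. Style: the new continuation line `+		bsearch(&keyptr, Keywords, ...` is tab-indented while the unchanged ` 	                compare_keywords))` line below it is aligned with spaces, so the arguments no longer line up in the file. Also, the `---`/`+++` headers carry different path depths (`cups-filters-1.0.61/...` vs `/tmp/cups-filters-1.0.61/...`), so state the `-p` level the patch expects when applying.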
@@ -807,7 +808,8 @@
 	    *keyptr = '\0';
 	    keyptr  = keyword;
 
-	    if (bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
+	    if (!(attr & ATTR_ITALIC) &&
+		bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
 	                compare_keywords))
             {
 	     /*
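Review bot: With this hunk the same `!(attr & ATTR_ITALIC) && bsearch(...)` condition now appears at four sites (these three plus the one the report quotes as already correct); factoring it into a small static helper, e.g. `is_keyword(attr, keyptr)`, would keep the attribute check from being dropped again at the next lookup site.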
@@ -861,7 +863,8 @@
 	    *keyptr = '\0';
 	    keyptr  = keyword;
 
-	    if (bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
+	    if (!(attr & ATTR_ITALIC) &&
+		bsearch(&keyptr, Keywords, NumKeywords, sizeof(char *),
 	                compare_keywords))
             {
 	     /*
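Review bot: Nothing in the hunk exercises the failure, so please add the one-line reproducer from the report (`echo "//if"` piped into texttopdf with `CONTENT_TYPE=application/x-csource` and the `prettyprint` option) as a regression test, or at least cite it in the changelog; the crash needs a comment ending in a keyword right at the newline, which is easy to lose in a future refactoring.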

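Added example, not from the report and not cups-filters code: a small C model of the interaction the report describes, built so the defect and the patched behaviour can be run side by side. The ATTR_BOLD/ATTR_ITALIC bit values, the keyword subset, and the function names scan_line_attr, font_index and font_name are all assumed for illustration; the real textcommon.c/texttopdf.c logic is larger.

```c
/* Constructed model of the textcommon/texttopdf prettyprint interaction
 * from the report. Bit values and keyword table are assumed, not copied
 * from cups-filters. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

#define ATTR_NORMAL 0x00
#define ATTR_BOLD   0x01   /* keyword highlighting */
#define ATTR_ITALIC 0x02   /* inside a comment */
#define ATTR_FONT   0x03   /* mask of the font-selecting bits */

/* Sorted keyword table (constructed subset) so bsearch can be used. */
static const char *Keywords[] = { "else", "if", "return", "while" };
static const int NumKeywords = sizeof(Keywords) / sizeof(Keywords[0]);

static int compare_keywords(const void *a, const void *b)
{
  return strcmp(*(const char *const *)a, *(const char *const *)b);
}

static int is_keyword(const char *word)
{
  const char *key = word;
  return bsearch(&key, Keywords, NumKeywords, sizeof(char *),
                 compare_keywords) != NULL;
}

/* Scan one line the way the prettyprinter does: "//" turns italic on for
 * the rest of the line, and every identifier is looked up in the keyword
 * table, turning bold on (keyword) or off (anything else). With
 * check_italic == 0 the lookup also runs inside comments, which is the
 * defect in the report; with check_italic == 1 it is skipped, as the
 * patch does. Returns the attribute state at the newline. */
int scan_line_attr(const char *line, int check_italic)
{
  int attr = ATTR_NORMAL;
  char word[64];
  size_t wlen = 0;

  for (const char *p = line; ; p++) {
    if (*p == '/' && p[1] == '/' && !(attr & ATTR_ITALIC)) {
      attr |= ATTR_ITALIC;   /* comment runs to end of line */
      p++;                   /* skip the second slash */
      continue;
    }
    if (*p && (isalnum((unsigned char)*p) || *p == '_')) {
      if (wlen < sizeof(word) - 1)
        word[wlen++] = *p;
      continue;
    }
    if (wlen > 0) {          /* an identifier just ended */
      word[wlen] = '\0';
      wlen = 0;
      if (!(check_italic && (attr & ATTR_ITALIC)) && is_keyword(word))
        attr |= ATTR_BOLD;
      else
        attr &= ~ATTR_BOLD;
    }
    if (*p == '\0')
      break;
  }
  return attr;
}

/* The report's crash site, modelled: a 3-entry table indexed by
 * attr & ATTR_FONT, which is 3 when bold and italic are both set.
 * font_index returns -1 instead of reading past the end. */
static const char *names3[] = { "Regular", "Bold", "Italic" };

int font_index(int attr)
{
  int i = attr & ATTR_FONT;
  if (i < 0 || i >= (int)(sizeof(names3) / sizeof(names3[0])))
    return -1;               /* would have been an out-of-bounds read */
  return i;
}

/* Hardened selection: one entry for every value the mask can produce. */
const char *font_name(int attr)
{
  static const char *names4[] = { "Regular", "Bold", "Italic", "BoldItalic" };
  return names4[attr & ATTR_FONT];
}

int main(void)
{
  const char *line = "//if";   /* the one-line reproducer from the report */
  int buggy = scan_line_attr(line, 0);
  int fixed = scan_line_attr(line, 1);
  printf("unpatched: attr=%d font_index=%d\n", buggy, font_index(buggy));
  printf("patched:   attr=%d font=%s\n", fixed, font_name(fixed));
  return 0;
}
```

The point the two table versions make is that a bitmask used as an array index needs one slot per reachable bit combination (or an explicit bounds check); the patch removes the one known way of reaching value 3, while a 4-entry table removes the crash for any way of reaching it.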