amd64/93469: uninitialised struct stat in lpd prevents it from normal operation

Michael Szklarski dysoft at kco.com.pl
Fri Feb 17 01:30:06 PST 2006


>Number:         93469
>Category:       amd64
>Synopsis:       uninitialised struct stat in lpd prevents it from normal operation
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-amd64
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 17 09:30:04 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Michael Szklarski
>Release:        6.0
>Organization:
ABG Ster-Projekt
>Environment:
FreeBSD Tygrytron 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Sat Feb 11 00:30:29 CET 
2006     msz at Tygrytron:/usr/src/sys/amd64/compile/Tygrytron  amd64
>Description:
Already reported in:
http://www.freebsd.org/cgi/query-pr.cgi?pr=amd64/93413
now I have traced down the problem:

After first-time installation of spool directories, 
e.g. /var/spool/lpd/rattan , as seen in the Handbook, these directories are 
of course empty.

The first printout is successful: lpd creates a "lock" file in the 
spool directory, but it has the following (strange) attributes:

---xrwS--T  1 root  daemon  20 Feb 16 01:03 lock

Unfortunately, running a printout the next time does not work - lpr queues 
the job and nothing happens! It is due to a sw-bug 
in /usr/src/usr.sbin/lpr/lpd/printjob.c, in function void printjob(struct 
printer* pp); i.e. look at the following lines of code:

[203]   if (stat(pp->lock_file, &stb) == 0 && (stb.st_mode & LFM_PRINT_DIS))
                exit(0);

Seems OK, but if NO LOCK FILE EXISTS, "stb" remains uninitialized! 
Unfortunately, this sets the "+x" attribute, which is defined elsewhere
as

#define LFM_PRINT_DIS   (S_IXUSR)

and it results in executing exit(0) in the line mentioned above, but only for 
the second time.

Further in the code one can find fchmod(lfd,stb.st_mode), which uses 
uninitialised "stb".
>How-To-Repeat:
kill lpd.
remove spool directories.
recreate spool directories.
run lpd.
try to print twice (or more).
>Fix:
/usr/src/usr.sbin/lpr/lpd/printjob.c: function void printjob(struct printer* 
pp), line 203: replace those 2 lines mentioned above with:

        if (stat(pp->lock_file, &stb) == 0)
        {
                if (stb.st_mode & LFM_PRINT_DIS)
                {
                        exit(0);        /* printing disabled */
                }
        } else
        {
                stb.st_mode = LOCK_FILE_MODE;
        }

rebuild and install lpd. Works for me.

Workaround:

create lock files after creating spool directories:

 mkdir /var/spool/lpd/rattan
 touch /var/spool/lpd/rattan/lock

and/or change attributes of lock file:

 chmod 664 /var/spool/lpd/rattan/lock
>Release-Note:
>Audit-Trail:
>Unformatted:
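
The failure sequence described in this report, reproduced as an added example (not code from lpd or from the submitter): two passes over a fresh spool directory, with and without the proposed fix. The 0xFF fill is a constructed stand-in for uninitialised stack contents, LOCK_FILE_MODE is assumed to be 0664 as in the workaround, and printjob_pass and second_print_result are hypothetical names.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define LFM_PRINT_DIS  (S_IXUSR)  /* as quoted in the report */
#define LOCK_FILE_MODE 0664       /* assumed; matches the chmod 664 workaround */

/* One pass of the lock-file logic: 1 = prints, 0 = would exit(0), -1 = demo error. */
static int printjob_pass(const char *lock, int fixed)
{
    struct stat stb;
    int lfd, rc;
    /* Constructed stand-in for stack garbage, so the run is deterministic. */
    memset(&stb, 0xFF, sizeof(stb));
    if (stat(lock, &stb) == 0) {
        if (stb.st_mode & LFM_PRINT_DIS)
            return 0;                     /* printing looks disabled */
    } else if (fixed) {
        stb.st_mode = LOCK_FILE_MODE;     /* the fix proposed in the report */
    }
    if ((lfd = open(lock, O_WRONLY | O_CREAT, LOCK_FILE_MODE)) < 0)
        return -1;
    rc = fchmod(lfd, stb.st_mode & 0777); /* garbage permission bits when !fixed */
    close(lfd);
    return rc == 0 ? 1 : -1;
}

/* Fresh spool directory, two print attempts; returns the second result. */
int second_print_result(int fixed)
{
    char dir[] = "/tmp/lpdXXXXXX", lock[64];
    int first, second;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(lock, sizeof(lock), "%s/lock", dir);
    first = printjob_pass(lock, fixed);
    second = printjob_pass(lock, fixed);
    unlink(lock);
    rmdir(dir);
    return first == 1 ? second : -1;
}

int main(void)
{
    printf("buggy: %d, fixed: %d\n", second_print_result(0), second_print_result(1));
}
```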