core dump in rpcclient getdriver
Ronan Waide
waider at waider.ie
Tue Jan 28 17:06:32 GMT 2003
hi folks,
ran this command:
rpcclient -U Administrator%password PDC -c "getdriver PRINTER"
and got this output:
[Windows 4.0]
Segmentation fault (core dumped)
Here's the stacktrace:
#0 0x080a8abd in strlen_w (src=0x0) at lib/util_unistr.c:312
#1 0x0809bf6f in pull_ucs2 (base_ptr=0x0, dest=0xbfffd8c0 "\027", src=0x0,
dest_len=256, src_len=4294967295, flags=25) at lib/charcnv.c:570
#2 0x080a88b6 in rpcstr_pull (dest=0xbfffd8c0 "\027", src=0x0, dest_len=256,
src_len=-1, flags=1) at lib/util_unistr.c:173
#3 0x0806f118 in display_print_driver_3 (i1=0x81d61f8)
at rpcclient/cmd_spoolss.c:875
#4 0x0806f4bb in cmd_spoolss_getdriver (cli=0x81b3ed0, mem_ctx=0x81d5238,
argc=2, argv=0x81d5208) at rpcclient/cmd_spoolss.c:984
#5 0x08069762 in do_cmd (cli=0x81b3ed0, cmd_entry=0x814b5d4,
cmd=0x8152680 "getdriver PR00001") at rpcclient/rpcclient.c:497
#6 0x080698a1 in process_cmd (cli=0x81b3ed0,
cmd=0x8152680 "getdriver PR00001") at rpcclient/rpcclient.c:556
#7 0x08069e54 in main (argc=6, argv=0xbffffaf4) at rpcclient/rpcclient.c:753
#8 0x4026e1c4 in __libc_start_main () from /lib/libc.so.6
Poking around in it, the default data type for the printer is NULL,
which is returned to the rpcclient as a null string. So when we get to
this:
875 rpcstr_pull(defaultdatatype, i1->defaultdatatype.buffer, sizeof(defaultdatatype), -1, STR_TERMINATE);
the coredump above is generated because i1->defaultdatatype.buffer is
NULL.
This only happens for a level 3 info dump - levels 1 and 2 are quite
okay. I presume the correct fix is to check at
rpcclient/cmd_spoolss.c:875 if the defaultdatatype is NULL or not, but
I'm not 100% sure, so I'll leave that to smarter folks :)
Cheers,
Waider.
--
waider at waider.ie / Yes, it /is/ very personal of me.
"The folks from Sendmail gave me a pocket knife. It has dozens of blades with
a seemingly infinite number of functions, just like Sendmail. The first time
I used it, it broke, just like Sendmail." - Kludge Dorsey
More information about the samba-technical
mailing list