> We are in function httpGets() which seemingly has been called with parameter > line being a NUL terminated string "Content-Security-Policy". > > We cycle in the loop 'while (lineptr < lineend)'. > http->used = -47 > bufptr > bufend > *lineptr = "Content-Security-Policy" > > As bufptr > bufend we never set eol. > > The function expects as input a string terminated by a linefeed. But the > parameter line = "Content-Security-Policy" has no linefeed. We should not > rely on web-servers providing well formed responses.
I think we have to rethink what is happening here a bit. In gdb, after hitting the infinite loop, I investigated the underlying file descriptor by printing `http->fd` and then matching it with what was outputted by `lsof`. I found a surprising discovery -- the file descriptor in use wasn't an Internet socket -- it was a Unix domain socket! I suspect the infinite loop we are hitting is from cups-browsed querying `/run/cups/cups.sock`. I believe that your debugging above Heinrich supports this hypothesis as well, since "Content-Security-Policy" is one of the headers returned by `/run/cups/cups.sock`. I am curious if you can reproduce my finding. For me, this was an unexpected discovery because if my analysis is correct then (1) I don't think we can easily blame buggy network printers for what is happening (but maybe the cups server is buggy?) and (2) I also don't think we can explain the nondeterminism behind this bug by appealing to random network errors, since this issue is occurring over a Unix domain socket and not (e.g.) a dodgy WiFi connection. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2049315 Title: cups-browsed running non-stop on two cores To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups-browsed/+bug/2049315/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
