core dump in rpcclient getdriver

Ronan Waide

Jan 28, 2003, 12:03:56 PM
hi folks,

ran this command:
rpcclient -U Administrator%password PDC -c "getdriver PRINTER"

and got this output:

[Windows 4.0]
Segmentation fault (core dumped)

Here's the stacktrace:

#0 0x080a8abd in strlen_w (src=0x0) at lib/util_unistr.c:312
#1 0x0809bf6f in pull_ucs2 (base_ptr=0x0, dest=0xbfffd8c0 "\027", src=0x0,
dest_len=256, src_len=4294967295, flags=25) at lib/charcnv.c:570
#2 0x080a88b6 in rpcstr_pull (dest=0xbfffd8c0 "\027", src=0x0, dest_len=256,
src_len=-1, flags=1) at lib/util_unistr.c:173
#3 0x0806f118 in display_print_driver_3 (i1=0x81d61f8)
at rpcclient/cmd_spoolss.c:875
#4 0x0806f4bb in cmd_spoolss_getdriver (cli=0x81b3ed0, mem_ctx=0x81d5238,
argc=2, argv=0x81d5208) at rpcclient/cmd_spoolss.c:984
#5 0x08069762 in do_cmd (cli=0x81b3ed0, cmd_entry=0x814b5d4,
cmd=0x8152680 "getdriver PR00001") at rpcclient/rpcclient.c:497
#6 0x080698a1 in process_cmd (cli=0x81b3ed0,
cmd=0x8152680 "getdriver PR00001") at rpcclient/rpcclient.c:556
#7 0x08069e54 in main (argc=6, argv=0xbffffaf4) at rpcclient/rpcclient.c:753
#8 0x4026e1c4 in __libc_start_main () from /lib/libc.so.6

Poking around in it, the default data type for the printer is NULL,
which is returned to the rpcclient as a null string. So when we get to
this:

875 rpcstr_pull(defaultdatatype, i1->defaultdatatype.buffer, sizeof(defaultdatatype), -1, STR_TERMINATE);

the coredump above is generated because i1->defaultdatatype.buffer is
NULL.

This only happens for a level 3 info dump - levels 1 and 2 are quite
okay. I presume the correct fix is to check at
rpcclient/cmd_spoolss.c:875 if the defaultdatatype is NULL or not, but
I'm not 100% sure, so I'll leave that to smarter folks :)

Cheers,
Waider.
--
wai...@waider.ie / Yes, it /is/ very personal of me.
"The folks from Sendmail gave me a pocket knife. It has dozens of blades with
a seemingly infinite number of functions, just like Sendmail. The first time
I used it, it broke, just like Sendmail." - Kludge Dorsey

Tim Potter

Jan 28, 2003, 10:03:28 PM
On Tue, Jan 28, 2003 at 05:06:32PM +0000, Ronan Waide wrote:

> hi folks,
>
> ran this command:
> rpcclient -U Administrator%password PDC -c "getdriver PRINTER"
>
> and got this output:
>
> [Windows 4.0]
> Segmentation fault (core dumped)

Hi - I've fixed this in the latest CVS. Thanks for reporting it!


Tim.
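
The NULL check discussed in this thread, as an added example: it is not Samba's code and not the fix that was committed to CVS. `struct ucs2_field`, `ucs2_len_safe` and `pull_field` are hypothetical names, and the sample data is constructed; the point is that a length routine asked to find the terminator itself (the `src_len=-1` case in the trace) must treat a NULL buffer as an empty string.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a wire string field; buffer may be NULL. */
struct ucs2_field { const uint16_t *buffer; };

/* Length in code units. NULL counts as empty instead of being dereferenced. */
static size_t ucs2_len_safe(const uint16_t *s)
{
    size_t n = 0;
    if (s == NULL)
        return 0;
    while (s[n] != 0)
        n++;
    return n;
}

/* Copy the field into dest, replacing non-ASCII units with '?'.
   Always NUL-terminates when dest_len > 0; returns characters written. */
size_t pull_field(char *dest, size_t dest_len, const struct ucs2_field *f)
{
    size_t i, n;
    if (dest == NULL || dest_len == 0)
        return 0;
    n = ucs2_len_safe(f ? f->buffer : NULL);
    if (n > dest_len - 1)
        n = dest_len - 1;               /* truncate rather than overflow */
    for (i = 0; i < n; i++)
        dest[i] = f->buffer[i] < 0x80 ? (char)f->buffer[i] : '?';
    dest[n] = '\0';
    return n;
}

int main(void)
{
    /* Constructed sample data: one populated field, one NULL field. */
    static const uint16_t raw[] = { 'R', 'A', 'W', 0 };
    struct ucs2_field present = { raw }, missing = { NULL };
    char out[256];

    pull_field(out, sizeof(out), &present);
    printf("Defaultdatatype: [%s]\n", out);
    pull_field(out, sizeof(out), &missing);
    printf("Defaultdatatype: [%s]\n", out);
    return 0;
}
```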
