`guid.patch` applied by Arch package segfaults on incorrect uid

Description:

This issue consists of four different action items, but they are so closely related that it made sense to me to report them as one.

If, at the time of installation of the cups package, a cups user already exists on the system with a uid that is not 209, then after installation of cups, http://localhost:631/admin or any other URL except the root returns 500 internal server error, rendering the CUPS web interface entirely unusable.

The root cause is a bug in the patch guid.patch applied by the cups package: if getpwuid is passed a uid that does not correspond to a named user, it returns NULL, but the code does not check for that (issue 1). This is triggered because cups-files.conf hardcodes User 209 instead of User cups. (The packaged config files are also owned by 209 which is not necessarily cups, so this is justifyable.)

Additionally, the patch puts #include <pwd.h> in the middle of a function, which seems to work but is definitely not common practice. This should be fixed as well (issue 2).

From the seven year old issue for which the patch was introduced, it would appear that the patch might even no longer be needed (issue 3), though that would require further research to make sure.

This was triggered for me because I (somehow) had a cups user on my system before installing the cups package, with a different uid than the 209 which is assumed in the cups package. This did not trigger any error or warning upon installation, but silently skipped creation of the cups user (by systemd-sysusers).

Ideally the cups package would be modified to be more robust to this situation, either just working if the user already exists (chowning the necessary config files) or by failing loudly upon install (issue 4).

I can also imagine this causing mild security issues if user 209 already exists but with a different name. That unrelated user will have access to files that normally only root and cups can access.

Additional info:

• package version(s): 2.4.12
• config and/or log files: see upstream report
• link to upstream bug report, if any: https://github.com/OpenPrinting/cups/issues/1229

Steps to reproduce:

1. Uninstall cups.
2. Make sure you don't have a cups user.
3. Create a cups user with a uid that is not 209.
4. Install cups.
5. Start cups.service.
6. Visit http://localhost:631/admin.

A simpler way to trigger just the segfault:

1. Modify /etc/cups/cups-files.conf, setting User 9999 and Group 9999 (assuming user 9999 does not exist on your system).
2. Restart cups.service.
3. Visit http://localhost:631/admin.