summaryrefslogtreecommitdiff
path: root/methods/server.h
diff options
context:
space:
mode:
authorMichael Vogt <mvo@ubuntu.com>2015-05-22 15:28:53 +0200
committerMichael Vogt <mvo@ubuntu.com>2015-05-22 17:52:41 +0200
commit7c4511322e22c3d97c6d892204af67d240416e69 (patch)
tree158e18fc2728599166c9803b3e58dea5e76c2827 /methods/server.h
parent4694e07d450baa13fa04482752ca369a5797c640 (diff)
Fix endless loop in apt-get update that can cause disk fillup
The apt http code parses Content-Length and Content-Range. For both requests the variable "Size" is used and the semantic for this Size is the total file size. However Content-Length is not the entire file size for partital file requests. For servers that send the Content-Range header first and then the Content-Length header this can lead to globbing of Size so that its less than the real file size. This may lead to a subsequent passing of a negative number into the CircleBuf which leads to a endless loop that writes data. Thanks to Anton Blanchard for the analysis and initial patch. LP: #1445239
Diffstat (limited to 'methods/server.h')
-rw-r--r--methods/server.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/methods/server.h b/methods/server.h
index 1b81e3549..ed3cb456a 100644
--- a/methods/server.h
+++ b/methods/server.h
@@ -34,7 +34,8 @@ struct ServerState
char Code[360];
// These are some statistics from the last parsed header lines
- unsigned long long Size; // size of the usable content (aka: the file)
+ unsigned long long Size; // total size of the usable content (aka: the file)
+ unsigned long long DownloadSize; // size we actually download (can be smaller than Size if we have partial content)
unsigned long long JunkSize; // size of junk content (aka: server error pages)
unsigned long long StartPos;
time_t Date;