From ceafe8a6edc815df2923ba892894617829e9d3c2 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 22 May 2015 15:28:53 +0200 Subject: Fix endless loop in apt-get update that can cause disk fillup The apt http code parses Content-Length and Content-Range. For both requests the variable "Size" is used and the semantic for this Size is the total file size. However Content-Length is not the entire file size for partital file requests. For servers that send the Content-Range header first and then the Content-Length header this can lead to globbing of Size so that its less than the real file size. This may lead to a subsequent passing of a negative number into the CircleBuf which leads to a endless loop that writes data. Thanks to Anton Blanchard for the analysis and initial patch. LP: #1445239 --- test/interactive-helper/aptwebserver.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/interactive-helper/aptwebserver.cc') diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index cd52da692..9c67b67e4 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -654,13 +654,13 @@ static void * handleClient(void * voidclient) /*{{{*/ if (filesize > filestart) { data.Skip(filestart); - std::ostringstream contentlength; - contentlength << "Content-Length: " << (filesize - filestart); - headers.push_back(contentlength.str()); std::ostringstream contentrange; contentrange << "Content-Range: bytes " << filestart << "-" << filesize - 1 << "/" << filesize; headers.push_back(contentrange.str()); + std::ostringstream contentlength; + contentlength << "Content-Length: " << (filesize - filestart); + headers.push_back(contentlength.str()); sendHead(client, 206, headers); if (sendContent == true) sendFile(client, headers, data); -- cgit v1.2.3 From f4a91278c65b156c1addf27b0b05b029692959e8 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 22 May 2015 16:05:05 +0200 Subject: Add regression test for LP: #1445239 Add a regression test that reproduced the hang of apt when a partial file is present. Git-Dch: ignore --- test/interactive-helper/aptwebserver.cc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'test/interactive-helper/aptwebserver.cc') diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index 9c67b67e4..e02caa2b3 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -654,6 +654,8 @@ static void * handleClient(void * voidclient) /*{{{*/ if (filesize > filestart) { data.Skip(filestart); + // make sure to send content-range before conent-length + // as regression test for LP: #1445239 std::ostringstream contentrange; contentrange << "Content-Range: bytes " << filestart << "-" << filesize - 1 << "/" << filesize; -- cgit v1.2.3