Debian Bug report logs - #274978
apt: Problems decoding chunked encoding

Reply or subscribe to this bug.

Display info messages

Message #5 received at [email protected] (full text, mbox, reply):

From: "Andrew M. Bishop" <[email protected]>

To: Debian Bug Tracking System <[email protected]>

Subject: apt: Problems decoding chunked encoding

Date: Mon, 04 Oct 2004 19:29:57 +0100

Package: apt
Version: 0.5.27
Severity: normal

Bug number #152711 reported that apt did not handle chunked encoding from the
server properly.  A fix for that bug was applied for v0.5.25 of apt.  I have
tested apt again recently and a different problem is now present with chunked
encoding.


When I retrieve a file from a server that uses chunked encoding apt will
sometimes corrupt the file by failing to remove the chunked encoding information
from the data stream.

For example the following is the file from /var/lib/apt/lists/partial/ for one
of the Release files (I have replaced the character 13 by the two characters ^M
so that it shows clearly in plain text).

--------------------
58^M
Archive: testing
Component: non-US/main
Origin: Debian
Label: Debian
Architecture: i386
^M
0^M
^M
--------------------

This is clearly the body that was sent from the server without removing the
chunked encoding.  The data is valid since it says the length is 0x58 bytes
which it clearly is.

The Packages.gz files all contain the ^M, 0^M, ^M lines at the end and are
corrupted in the middle as well.


-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (990, 'testing'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7-67
Locale: LANG=C, LC_CTYPE=C

Versions of packages apt depends on:
ii  libc6                  2.3.2.ds1-13      GNU C Library: Shared libraries an
ii  libgcc1                1:3.4.1-4sarge1   GCC support library
ii  libstdc++5             1:3.3.4-6sarge1.2 The GNU Standard C++ Library v3

-- no debconf information

Message #10 received at [email protected] (full text, mbox, reply):

From: Dan Jacobson <[email protected]>

To: [email protected]

Cc: [email protected]

Subject: no sure download

Date: Sun, 10 Oct 2004 04:42:11 +0800

Here we see the effect reading from local wwwoffle on an offline system:

# aptitude install ftm
Need to get 27.2kB of archives. After unpacking 73.7kB will be used.
Get:1 http://debian.linux.org.tw sid/main ftm 0.0.7 [27.2kB]
Err http://debian.linux.org.tw sid/main ftm 0.0.7
  Error reading from server Remote end closed connection
# aptitude install ftm
Need to get 27.2kB of archives. After unpacking 73.7kB will be used.
Get:1 http://debian.linux.org.tw sid/main ftm 0.0.7 [27.2kB]
Fetched 27.2kB in 0s (2411kB/s)

One cannot reproduce it usually without rebooting, as internal buffers
filling affect timing issues, etc.

Message #21 received at [email protected] (full text, mbox, reply):

From: Christian Aichinger <[email protected]>

To: [email protected]

Subject: apt: Problems decoding chunked encoding

Date: Thu, 19 May 2005 13:22:56 +0200

[Message part 1 (text/plain, inline)]

On Sun, Oct 10, 2004 at 04:42:11AM +0800, Dan Jacobson wrote:
> Here we see the effect reading from local wwwoffle on an offline system:
> 
> # aptitude install ftm
> Need to get 27.2kB of archives. After unpacking 73.7kB will be used.
> Get:1 http://debian.linux.org.tw sid/main ftm 0.0.7 [27.2kB]
> Err http://debian.linux.org.tw sid/main ftm 0.0.7
>   Error reading from server Remote end closed connection
> # aptitude install ftm
> Need to get 27.2kB of archives. After unpacking 73.7kB will be used.
> Get:1 http://debian.linux.org.tw sid/main ftm 0.0.7 [27.2kB]
> Fetched 27.2kB in 0s (2411kB/s)
> 
> One cannot reproduce it usually without rebooting, as internal buffers
> filling affect timing issues, etc.

I can reproduce the problem, and I think I know why it happens.

I wrote a proxy that converts every data stream going over it to
Transfer-Encoding: Chunked. It's available at:
<URL:http://[email protected]/~greek0/div/chunked-proxy.py>

It works quite well AFAICT, but it relies on python's httplib, which
turned out to have some problems as well, at least if the servers
send strange data (\r in the headers without \r\n), as
ftp.at.debian.org does. So if you try it out and get garbled data
please make sure that it really is apt's fault.

The problem seems to be timing sensitive, since singlestepping in
gdb, as well as adding adding sleep(10) calls to the proxy prevent
it from happening.

The error message and the corrupted data comes from
HttpMethod::ServerDie, which is called by HttpMethod::Go when it
fails to read data from the server (ie. the server closed the
connection).

ServerDie then flushes all the Data that we have already read
(usually either all the Data the server sent us excluding headers,
or just the last part of the file that we haven't written out yet).
It does this even if we are using a Transfer-Encoding, so the
resulting file is corrupted, since the Encoding is not stripped.
Additionally we usually get a "Remote host closed connection" error.

I don't really know what's the right point to fix the problem. IMHO
ServerDie might be too late. HttpMethod::Go might be right, but I
don't know how we should detect a failing connection for
chunked encoding then.

Cheers,
Greek0

[signature.asc (application/pgp-signature, inline)]

Message #26 received at [email protected] (full text, mbox, reply):

From: "Eugene V. Lyubimkin" <[email protected]>

To: [email protected], "Andrew M. Bishop" <[email protected]>, Dan Jacobson <[email protected]>

Subject: state of #274978

Date: Sun, 16 Nov 2008 13:11:36 +0200

[Message part 1 (text/plain, inline)]

Hello Andrew, hello Dan.

Is the problem present in apt >= 0.7.16 ?

-- 
Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ developer, Debian APT contributor

[signature.asc (application/pgp-signature, attachment)]

Message #31 received at [email protected] (full text, mbox, reply):

From: [email protected]

To: [email protected]

Cc: [email protected], [email protected]

Subject: Re: state of #274978

Date: Mon, 17 Nov 2008 05:58:08 +0800

EVL> Is the problem present in apt >= 0.7.16 ?

I'm not sure... I'm no power user. All I know is I sometimes have to
do apt-get update twice on my tiny Openmoko phone...

Message #36 received at [email protected] (full text, mbox, reply):

From: "Eugene V. Lyubimkin" <[email protected]>

To: [email protected]

Cc: [email protected], [email protected]

Subject: Re: state of #274978

Date: Mon, 17 Nov 2008 00:11:20 +0200

[Message part 1 (text/plain, inline)]

[email protected] wrote:
> EVL> Is the problem present in apt >= 0.7.16 ?
> 
> I'm not sure... I'm no power user. All I know is I sometimes have to
> do apt-get update twice on my tiny Openmoko phone...
> 
I meant "Is the problem reproducable?".

Regards,
-- 
Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ developer, Debian APT contributor

[signature.asc (application/pgp-signature, attachment)]

Message #41 received at [email protected] (full text, mbox, reply):

From: [email protected]

To: [email protected]

Cc: [email protected], [email protected]

Subject: Re: state of #274978

Date: Mon, 17 Nov 2008 06:18:16 +0800

EVL> I meant "Is the problem reproducible?".
Let's ask those who reproduced it last time. All I know is "I ran in
to it back then"...

Message #46 received at [email protected] (full text, mbox, reply):

From: [email protected] (Andrew M. Bishop)

To: "Eugene V. Lyubimkin" <[email protected]>

Cc: [email protected], Dan Jacobson <[email protected]>

Subject: Re: state of #274978

Date: Thu, 20 Nov 2008 10:10:28 +0000

"Eugene V. Lyubimkin" <[email protected]> writes:

> Hello Andrew, hello Dan.
>
> Is the problem present in apt >= 0.7.16 ?

In 0.7.16+b1 the problem still seems to be there.  I can't see
anything in the version 0.7.16 changelog that would show that the
problem has been removed.

Using WWWOFFLE with the option "reply-chunked-data = yes" as a proxy
for apt (you can reproduce the bug yourself this way) I got the
following contents of the file
/var/lib/apt/lists/partial/security.debian.org_dists_lenny_updates_Release.gpg:

-------------------- Release.gpg --------------------
bd^M
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBJIySipw2vU2Bw06ERAlyiAJ9U/XJcFnoS7ljy9E4yroB6td0+JgCfZOnq
Dupc2VvefbhnKLAo4Td/O/s=
=L6bw
-----END PGP SIGNATURE-----
^M
0^M
^M
-------------------- Release.gpg --------------------

The length of the good data is 189 bytes (0xbd in hex) and the file
looks just like it would be for un-decoded chunked encoding.

This can be proven to be the raw file that the proxy sends back by
using netcat (grabbed from xterm so ^M not visible):

-------------------- netcat --------------------
# netcat localhost 8080
GET http://ftp.uk.debian.org/debian/dists/lenny/Release.gpg HTTP/1.1

HTTP/1.1 200 OK
Date: Thu, 20 Nov 2008 09:33:08 GMT
Server: Apache/2.2.3 (Debian) mod_fastcgi/2.4.2 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Tue, 18 Nov 2008 20:25:06 GMT
ETag: "803b2-bd-7db8ec80"
Accept-Ranges: bytes
Content-Type: text/plain
Connection: close
Proxy-Connection: close
Transfer-Encoding: chunked

bd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBJIySipw2vU2Bw06ERAlyiAJ9U/XJcFnoS7ljy9E4yroB6td0+JgCfZOnq
Dupc2VvefbhnKLAo4Td/O/s=
=L6bw
-----END PGP SIGNATURE-----

0

-------------------- netcat --------------------


As one of the other messages attached to this bug report points out
the problem is timing sensitive.  When I ran "apt-get update" on the
machine with the proxy it failed once, I deleted the contents of the
directory /var/lib/apt/lists/partial and it worked after that.  When I
ran it on another machine the problem showed up as repeated fetching
of the same files which eventually were OK, but other files then had
the same problem.  There were so many problems that I had to turn off
the chunked encoding option.

This section of the "apt-get update" output shows the repeated
fetching of the same file.

-------------------- apt-get update --------------------
...
Get:55 http://ftp.uk.debian.org lenny Release.gpg            
Get:56 http://ftp.uk.debian.org lenny Release.gpg            
Get:57 http://ftp.uk.debian.org lenny Release.gpg                    
Get:58 http://ftp.uk.debian.org lenny Release.gpg                  
Get:59 http://ftp.uk.debian.org lenny Release.gpg                  
Get:60 http://ftp.uk.debian.org lenny Release.gpg                  
Get:61 http://ftp.uk.debian.org lenny Release.gpg                
Get:62 http://ftp.uk.debian.org lenny Release.gpg                
Get:63 http://ftp.uk.debian.org lenny Release.gpg                  
Get:64 http://ftp.uk.debian.org lenny Release.gpg                  
Get:65 http://ftp.uk.debian.org lenny Release.gpg                
Get:66 http://ftp.uk.debian.org lenny Release.gpg                
Get:67 http://ftp.uk.debian.org lenny Release.gpg                
Get:68 http://ftp.uk.debian.org lenny Release.gpg                
Get:69 http://ftp.uk.debian.org lenny Release.gpg                
Get:70 http://ftp.uk.debian.org lenny Release.gpg                
Get:71 http://ftp.uk.debian.org lenny Release.gpg                
Get:72 http://ftp.uk.debian.org lenny Release.gpg                
Get:73 http://ftp.uk.debian.org lenny Release.gpg                
...
-------------------- apt-get update --------------------


After upgrading to 0.7.18 the problem is still there.

-- 
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop                             [email protected]
                                      http://www.gedanken.demon.co.uk/

Message #51 received at [email protected] (full text, mbox, reply):

From: "Eugene V. Lyubimkin" <[email protected]>

To: "Andrew M. Bishop" <[email protected]>

Cc: [email protected], Dan Jacobson <[email protected]>

Subject: Re: state of #274978

Date: Thu, 20 Nov 2008 13:50:53 +0200

[Message part 1 (text/plain, inline)]

Andrew M. Bishop wrote:
> "Eugene V. Lyubimkin" <[email protected]> writes:
> 
>> Hello Andrew, hello Dan.
>>
>> Is the problem present in apt >= 0.7.16 ?
> 
> In 0.7.16+b1 the problem still seems to be there.  I can't see
> anything in the version 0.7.16 changelog that would show that the
> problem has been removed.
> 
> Using WWWOFFLE with the option "reply-chunked-data = yes" as a proxy
> for apt (you can reproduce the bug yourself this way) I got the
> following contents of the file
> /var/lib/apt/lists/partial/security.debian.org_dists_lenny_updates_Release.gpg:
> 
> -------------------- Release.gpg --------------------
> bd^M
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> 
> iD8DBQBJIySipw2vU2Bw06ERAlyiAJ9U/XJcFnoS7ljy9E4yroB6td0+JgCfZOnq
> Dupc2VvefbhnKLAo4Td/O/s=
> =L6bw
> -----END PGP SIGNATURE-----
> ^M
> 0^M
> ^M
> -------------------- Release.gpg --------------------
> 
> The length of the good data is 189 bytes (0xbd in hex) and the file
> looks just like it would be for un-decoded chunked encoding.
> 
> This can be proven to be the raw file that the proxy sends back by
> using netcat (grabbed from xterm so ^M not visible):
> 
> -------------------- netcat --------------------
> # netcat localhost 8080
> GET http://ftp.uk.debian.org/debian/dists/lenny/Release.gpg HTTP/1.1
> 
> HTTP/1.1 200 OK
> Date: Thu, 20 Nov 2008 09:33:08 GMT
> Server: Apache/2.2.3 (Debian) mod_fastcgi/2.4.2 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
> Last-Modified: Tue, 18 Nov 2008 20:25:06 GMT
> ETag: "803b2-bd-7db8ec80"
> Accept-Ranges: bytes
> Content-Type: text/plain
> Connection: close
> Proxy-Connection: close
> Transfer-Encoding: chunked
> 
> bd
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> 
> iD8DBQBJIySipw2vU2Bw06ERAlyiAJ9U/XJcFnoS7ljy9E4yroB6td0+JgCfZOnq
> Dupc2VvefbhnKLAo4Td/O/s=
> =L6bw
> -----END PGP SIGNATURE-----
> 
> 0
> 
> -------------------- netcat --------------------
> 
> 
> As one of the other messages attached to this bug report points out
> the problem is timing sensitive.  When I ran "apt-get update" on the
> machine with the proxy it failed once, I deleted the contents of the
> directory /var/lib/apt/lists/partial and it worked after that.  When I
> ran it on another machine the problem showed up as repeated fetching
> of the same files which eventually were OK, but other files then had
> the same problem.  There were so many problems that I had to turn off
> the chunked encoding option.
> 
> This section of the "apt-get update" output shows the repeated
> fetching of the same file.
> 
> -------------------- apt-get update --------------------
> ...
> Get:55 http://ftp.uk.debian.org lenny Release.gpg            
> Get:56 http://ftp.uk.debian.org lenny Release.gpg            
> Get:57 http://ftp.uk.debian.org lenny Release.gpg                    
> Get:58 http://ftp.uk.debian.org lenny Release.gpg                  
> Get:59 http://ftp.uk.debian.org lenny Release.gpg                  
> Get:60 http://ftp.uk.debian.org lenny Release.gpg                  
> Get:61 http://ftp.uk.debian.org lenny Release.gpg                
> Get:62 http://ftp.uk.debian.org lenny Release.gpg                
> Get:63 http://ftp.uk.debian.org lenny Release.gpg                  
> Get:64 http://ftp.uk.debian.org lenny Release.gpg                  
> Get:65 http://ftp.uk.debian.org lenny Release.gpg                
> Get:66 http://ftp.uk.debian.org lenny Release.gpg                
> Get:67 http://ftp.uk.debian.org lenny Release.gpg                
> Get:68 http://ftp.uk.debian.org lenny Release.gpg                
> Get:69 http://ftp.uk.debian.org lenny Release.gpg                
> Get:70 http://ftp.uk.debian.org lenny Release.gpg                
> Get:71 http://ftp.uk.debian.org lenny Release.gpg                
> Get:72 http://ftp.uk.debian.org lenny Release.gpg                
> Get:73 http://ftp.uk.debian.org lenny Release.gpg                
> ...
> -------------------- apt-get update --------------------
> 
> 
> After upgrading to 0.7.18 the problem is still there.
> 
Ok, acknowledged, thanks for detailed info.

-- 
Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ Developer, Debian APT contributor

[signature.asc (application/pgp-signature, attachment)]

Send a report that this bug log contains spam.