[Bug 396979] New: libzypp sends user agent string that indicates memory corruption
https://bugzilla.novell.com/show_bug.cgi?id=396979

           Summary: libzypp sends user agent string that indicates memory corruption
           Product: openSUSE 11.0
           Version: RC 1
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Critical
          Priority: P5 - None
         Component: libzypp
        AssignedTo: dmacvicar@novell.com
        ReportedBy: poeml@novell.com
         QAContact: qa@suse.de
          Found By: ---

I noticed that libzypp, after a few requests, starts sending a corrupted user agent. The UA string it sends becomes binary garbage which is logged by Apache in escaped form.

I'm pretty sure that this is seen only with libzypp clients, and only with those who would send "ZYpp x.x.x (curl x.x.x)" in their user agent (after the recent modification).

Here's the log of one client showing the problem:

x.228.152.6 - - [13/May/2008:01:40:04 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/noarch/kdebase4-wallpapers-4.0.73-3.3.noarch.rpm HTTP/1.0" 302 411 "-" "ZYpp 4.19.0 (curl 7.16.4)" ftp5.gwdg.de 388 814 EU:FR size:23722868 -
x.228.152.6 - - [13/May/2008:01:40:31 +0200] "GET /repositories/KDE:/Qt44/openSUSE_10.3/x86_64/libqt4-devel-4.4.0-9.1.x86_64.rpm HTTP/1.0" 302 384 "-" "ZYpp 4.19.0 (curl 7.16.4)" ftp5.gwdg.de 361 760 EU:FR size:5898778 -
x.228.152.6 - - [13/May/2008:01:41:00 +0200] "GET /repositories/KDE:/Qt44/openSUSE_10.3/noarch/libqt4-devel-doc-data-4.4.0-10.1.noarch.rpm HTTP/1.0" 302 389 "-" "ZYpp 4.19.0 (curl 7.16.4)" widehat.opensuse.org 371 778 EU:FR size:72021004 -
x.228.152.6 - - [13/May/2008:01:42:11 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 405 "-" "ZYpp 4.19.0 (curl 7.16.4)" ftp5.gwdg.de 382 802 EU:FR size:80972302 -
x.228.152.6 - - [13/May/2008:01:44:03 +0200] "GET /repositories/KDE:/Backports/openSUSE_10.3/x86_64/kcm_gtk-0.7svn20070827-21.15.x86_64.rpm HTTP/1.0" 302 411 "-" "ZYpp 4.19.0 (curl 7.16.4)" ftp.uni-heidelberg.de 372 823 EU:FR size:67881 -
x.228.152.6 - - [13/May/2008:01:44:09 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdelibs3-3.5.9-61.2.x86_64.rpm HTTP/1.0" 302 381 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 339 754 EU:FR size:17063948 -
x.228.152.6 - - [13/May/2008:01:44:36 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdelibs3-32bit-3.5.9-61.2.x86_64.rpm HTTP/1.0" 302 382 "-" "\xe8\xf9R\xb0\xaa*" widehat.opensuse.org 345 764 EU:FR size:8462044 -
x.228.152.6 - - [13/May/2008:01:44:50 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/x86_64/libqt4-devel-doc-4.4.0-10.1.x86_64.rpm HTTP/1.0" 302 403 "-" "\x18[S\xb0\xaa*" widehat.opensuse.org 366 806 EU:FR size:9051375 -
x.228.152.6 - - [13/May/2008:01:45:08 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/x86_64/libqimageblitz-devel-0.0.4-36.23.x86_64.rpm HTTP/1.0" 302 413 "-" "\x18[S\xb0\xaa*" ftp5.gwdg.de 371 818 EU:FR size:37992 -
x.228.152.6 - - [13/May/2008:01:45:14 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/x86_64/libkde4-4.0.73-1.5.x86_64.rpm HTTP/1.0" 302 399 "-" "\x18[S\xb0\xaa*" ftp5.gwdg.de 357 790 EU:FR size:6016681 -
x.228.152.6 - - [13/May/2008:01:45:22 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/noarch/kdegames4-carddecks-other-4.0.73-3.4.noarch.rpm HTTP/1.0" 302 417 "-" "\x18[S\xb0\xaa*" ftp5.gwdg.de 375 826 EU:FR size:5941809 -
x.228.152.6 - - [13/May/2008:01:45:29 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-calc-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 410 "-" "\xd1" ftp5.gwdg.de 363 812 EU:FR size:8269070 -
x.228.152.6 - - [13/May/2008:01:45:41 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-writer-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 412 "-" "\xb4" ftp5.gwdg.de 365 816 EU:FR size:5261872 -
x.228.152.6 - - [13/May/2008:01:45:48 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-base-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 410 "-" "\xf1" ftp5.gwdg.de 363 812 EU:FR size:3721698 -
x.228.152.6 - - [13/May/2008:01:45:54 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-math-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 426 "-" "@" ftp.uni-heidelberg.de 363 853 EU:FR size:1441076 -
x.228.152.6 - - [13/May/2008:01:45:57 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-impress-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 429 "-" "\x10" ftp.uni-heidelberg.de 366 859 EU:FR size:1417054 -
x.228.152.6 - - [13/May/2008:01:46:02 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-pyuno-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 406 "-" "\x10" widehat.opensuse.org 364 812 EU:FR size:213057 -
x.228.152.6 - - [13/May/2008:01:46:04 +0200] "GET /repositories/OpenOffice.org:/UNSTABLE/openSUSE_10.3/x86_64/OpenOffice_org-draw-2.4.0.10-16.1.x86_64.rpm HTTP/1.0" 302 410 "-" "e" ftp5.gwdg.de 363 811 EU:FR size:1038597 -
x.228.152.6 - - [13/May/2008:01:46:06 +0200] "GET /repositories/KDE:/Backports/openSUSE_10.3/x86_64/qtcurve-kde-0.59.1-3.3.x86_64.rpm HTTP/1.0" 302 384 "-" "ZYpp 4.19.0 (curl 7.16.4)" widehat.opensuse.org 366 768 EU:FR size:242339 -
x.228.152.6 - - [13/May/2008:01:46:08 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdemultimedia3-video-xine-3.5.9-57.2.x86_64.rpm HTTP/1.0" 302 398 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 356 788 EU:FR size:113269 -
x.228.152.6 - - [13/May/2008:01:46:10 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-pdf-3.5.9-39.4.x86_64.rpm HTTP/1.0" 302 389 "-" "\xe8\xf9R\xb0\xaa*" opensuse-linuxmigratio.at 347 782 EU:FR size:871532 -
x.228.152.6 - - [13/May/2008:01:46:12 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdeartwork3-kscreensaver-3.5.9-41.3.x86_64.rpm HTTP/1.0" 302 397 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 355 785 EU:FR size:688491 -
x.228.152.6 - - [13/May/2008:01:46:14 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdemultimedia3-3.5.9-57.2.x86_64.rpm HTTP/1.0" 302 387 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 345 766 EU:FR size:277525 -
x.228.152.6 - - [13/May/2008:01:46:16 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdelibs3-arts-3.5.9-61.2.x86_64.rpm HTTP/1.0" 302 402 "-" "\xe8\xf9R\xb0\xaa*" ftp.uni-heidelberg.de 344 805 EU:FR size:198469 -
x.228.152.6 - - [13/May/2008:01:46:19 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdemultimedia3-sound-3.5.9-57.2.x86_64.rpm HTTP/1.0" 302 409 "-" "\xe8\xf9R\xb0\xaa*" ftp.uni-heidelberg.de 351 819 EU:FR size:1825142 -
x.228.152.6 - - [13/May/2008:01:46:23 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdelibs3-doc-3.5.9-61.2.x86_64.rpm HTTP/1.0" 302 380 "-" "\xe8\xf9R\xb0\xaa*" widehat.opensuse.org 343 760 EU:FR size:921983 -
x.228.152.6 - - [13/May/2008:01:46:36 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdenetwork3-news-3.5.9-31.2.x86_64.rpm HTTP/1.0" 302 389 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 347 770 EU:FR size:334772 -
x.228.152.6 - - [13/May/2008:01:46:41 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdeutils3-3.5.9-48.3.x86_64.rpm HTTP/1.0" 302 382 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 340 756 EU:FR size:2318954 -
x.228.152.6 - - [13/May/2008:01:46:46 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdenetwork3-InstantMessenger-3.5.9-31.2.x86_64.rpm HTTP/1.0" 302 401 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 359 794 EU:FR size:7001249 -
x.228.152.6 - - [13/May/2008:01:46:57 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdenetwork3-3.5.9-31.2.x86_64.rpm HTTP/1.0" 302 384 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 342 760 EU:FR size:1548095 -
x.228.152.6 - - [13/May/2008:01:47:05 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdemultimedia3-mixer-3.5.9-57.2.x86_64.rpm HTTP/1.0" 302 388 "-" "\xe8\xf9R\xb0\xaa*" widehat.opensuse.org 351 776 EU:FR size:418579 -
x.228.152.6 - - [13/May/2008:01:47:09 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdebase3-samba-3.5.9-89.2.x86_64.rpm HTTP/1.0" 302 403 "-" "\xe8\xf9R\xb0\xaa*" ftp.uni-heidelberg.de 345 807 EU:FR size:154846 -
x.228.152.6 - - [13/May/2008:01:47:10 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-extra-3.5.9-39.4.x86_64.rpm HTTP/1.0" 302 407 "-" "\xe8\xf9R\xb0\xaa*" ftp.uni-heidelberg.de 349 814 EU:FR size:157184 -
x.228.152.6 - - [13/May/2008:01:47:12 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdemultimedia3-CD-3.5.9-57.2.x86_64.rpm HTTP/1.0" 302 390 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 348 771 EU:FR size:1217897 -
x.228.152.6 - - [13/May/2008:01:47:16 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdebase3-runtime-32bit-3.5.9-89.2.x86_64.rpm HTTP/1.0" 302 395 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 353 782 EU:FR size:841862 -
x.228.152.6 - - [13/May/2008:01:47:19 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-postscript-3.5.9-39.4.x86_64.rpm HTTP/1.0" 302 396 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 354 784 EU:FR size:247897 -
x.228.152.6 - - [13/May/2008:01:47:21 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdebase3-runtime-3.5.9-89.2.x86_64.rpm HTTP/1.0" 302 389 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 347 770 EU:FR size:998464 -
x.228.152.6 - - [13/May/2008:01:47:27 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-kamera-3.5.9-39.4.x86_64.rpm HTTP/1.0" 302 392 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 350 776 EU:FR size:93183 -
x.228.152.6 - - [13/May/2008:01:47:29 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-3.5.9-39.4.x86_64.rpm HTTP/1.0" 302 385 "-" "\xe8\xf9R\xb0\xaa*" ftp5.gwdg.de 343 762 EU:FR size:2468416 -
x.228.152.6 - - [13/May/2008:01:47:38 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdesdk3-profile-3.5.9-38.3.x86_64.rpm HTTP/1.0" 302 404 "-" "\xe8\xf9R\xb0\xaa*" ftp.uni-heidelberg.de 346 809 EU:FR size:390157 -
x.228.152.6 - - [13/May/2008:01:47:40 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/x86_64/libkonq4-4.0.73-1.4.x86_64.rpm HTTP/1.0" 302 400 "-" "\x18[S\xb0\xaa*" ftp5.gwdg.de 358 792 EU:FR size:96343 -
x.228.152.6 - - [13/May/2008:01:47:42 +0200] "GET /repositories/KDE:/KDE4:/UNSTABLE:/Desktop/openSUSE_10.3/x86_64/kdebase4-runtime-4.0.73-1.3.x86_64.rpm HTTP/1.0" 302 408 "-" "\x18[S\xb0\xaa*" ftp5.gwdg.de 366 807 EU:FR size:6238247

I know that this isn't caused by memory corruption in Apache itself because I could track a request to a mirror, where the same corrupted user agent has been logged for the request (after redirection from download.opensuse.org).

x.228.152.6 - - [13/May/2008:01:46:20 +0200] "GET /repositories/KDE:/KDE3/openSUSE_10.3/x86_64/kdegraphics3-pdf-3.5.9-39.4.x86_64.rpm HTTP/1.0" 200 871532 "-" "\xe8\xf9R\xb0\xaa*"

Sometimes the user agent string stays the same for a few requests (also over the redirect), sometimes it seems to change with every request.

I'm setting this bug to critical because it indicates a memory corruption which might have other harmful side effects than corrupting just this string.

I can't tell whether it happens with Factory, RC1, or which version. The log is 3 weeks old and I didn't check a more recent one.

-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=396979
User ma@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=396979#c1
Michael Andres
https://bugzilla.novell.com/show_bug.cgi?id=396979
User ma@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=396979#c2
Michael Andres
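The correlation the report makes by eye over the Apache log, as an added example that is not part of the original bug report or of libzypp: group requests by client and list user agents that turn into escaped bytes, or lose any product token, for a client that also sent a well-formed ZYpp string. The sample lines, the 192.0.2.x addresses, the host names and the product-token heuristic are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the log format shown in the report (not real traffic).
SAMPLE_LOG = r'''
192.0.2.10 - - [13/May/2008:01:44:03 +0200] "GET /repositories/a.rpm HTTP/1.0" 302 411 "-" "ZYpp 4.19.0 (curl 7.16.4)" mirror-a.example 372 823 EU:FR size:67881 -
192.0.2.10 - - [13/May/2008:01:44:09 +0200] "GET /repositories/b.rpm HTTP/1.0" 302 381 "-" "\xe8\xf9R\xb0\xaa*" mirror-a.example 339 754 EU:FR size:17063948 -
192.0.2.10 - - [13/May/2008:01:45:54 +0200] "GET /repositories/c.rpm HTTP/1.0" 302 426 "-" "@" mirror-b.example 363 853 EU:FR size:1441076 -
192.0.2.10 - - [13/May/2008:01:46:06 +0200] "GET /repositories/d.rpm HTTP/1.0" 302 384 "-" "ZYpp 4.19.0 (curl 7.16.4)" mirror-b.example 366 768 EU:FR size:242339 -
192.0.2.20 - - [13/May/2008:01:46:10 +0200] "GET /repositories/a.rpm HTTP/1.0" 302 411 "-" "Mozilla/5.0 (X11; Linux x86_64)" mirror-a.example 372 823 EU:FR size:67881 -
192.0.2.30 - - [13/May/2008:01:46:12 +0200] "GET /repositories/a.rpm HTTP/1.0" 302 411 "-" "\x10" mirror-a.example 372 823 EU:FR size:67881 -
'''

# Apache combined-log prefix; quoted fields may contain \" and \xhh escapes.
Q = r'"((?:[^"\\]|\\.)*)"'
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + Q + r' \d{3} \S+ ' + Q + ' ' + Q)
ZYPP = re.compile(r'^ZYpp \d+(?:\.\d+)* \(curl \d+(?:\.\d+)*\)$')
ESCAPED = re.compile(r'\\x[0-9a-fA-F]{2}')   # a byte Apache had to escape
PRODUCT = re.compile(r'[A-Za-z]{2,}[ /]\d')  # heuristic: "name version" token

def is_garbage(ua):
    """Heuristic (assumption): escaped bytes present, or no product/version token."""
    return bool(ESCAPED.search(ua)) or not PRODUCT.search(ua)

def find_corrupting_clients(lines):
    """Map client -> [(time, ua)] garbage UAs, only for clients that also sent a valid ZYpp UA."""
    valid, garbage = set(), defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, when, _request, _referer, ua = m.groups()
        if ZYPP.match(ua):
            valid.add(ip)
        elif ua != '-' and is_garbage(ua):   # "-" means no User-Agent header at all
            garbage[ip].append((when, ua))
    return {ip: hits for ip, hits in garbage.items() if ip in valid}

if __name__ == "__main__":
    for ip, hits in find_corrupting_clients(SAMPLE_LOG.splitlines()).items():
        print(ip, len(hits), "corrupted user agents, first at", hits[0][0])
```

Running the same function over a mirror's log and comparing the flagged timestamps is how the redirect case in the report (same garbage string logged on both hosts) can be confirmed.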