[Bug 1914481] Re: use the size of the data when determining the server response
This bug was fixed in the package whoopsie - 0.2.69ubuntu0.3 --- whoopsie (0.2.69ubuntu0.3) focal; urgency=medium * src/whoopsie.c: modify server_response() so that it does not incorrectly assume that data is null-terminated and actually use the size of the data. (LP: #1914481) -- Brian Murray Thu, 04 Feb 2021 18:37:17 -0800 ** Changed in: whoopsie (Ubuntu Focal) Status: Fix Committed => Fix Released ** Changed in: whoopsie (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
This bug was fixed in the package whoopsie - 0.2.69ubuntu0.3 --- whoopsie (0.2.69ubuntu0.3) focal; urgency=medium * src/whoopsie.c: modify server_response() so that it does not incorrectly assume that data is null-terminated and actually use the size of the data. (LP: #1914481) -- Brian Murray Thu, 04 Feb 2021 18:37:17 -0800 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
This bug was fixed in the package whoopsie - 0.2.72.2 --- whoopsie (0.2.72.2) groovy; urgency=medium * src/whoopsie.c: modify server_response() so that it does not incorrectly assume that data is null-terminated and actually use the size of the data. (LP: #1914481) -- Brian Murray Thu, 04 Feb 2021 18:30:37 -0800 ** Changed in: whoopsie (Ubuntu Groovy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
** Changed in: whoopsie (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: whoopsie (Ubuntu Groovy) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
Groovy recreation of the issue: $ apt-cache policy whoopsie whoopsie: Installed: 0.2.72.1 root@clean-groovy-amd64:~# sudo CRASH_DB_URL=https://daisy.staging.ubuntu.com whoopsie -f [11:18:23] Using lock path: /var/lock/whoopsie/lock [11:18:23] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:18:23] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:18:23] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:18:23] Parsing /var/crash/_bin_cat.2001.crash. [11:18:23] Uploading /var/crash/_bin_cat.2001.crash. [11:18:24] Sent; server replied with: No error [11:18:24] Response code: 200 [11:18:24] Got command: CORE 0 --- Verification of the fix: root@clean-groovy-amd64:~# apt-cache policy whoopsie whoopsie: Installed: 0.2.72.2 [11:23:08] Parsing /var/crash/_bin_cat.2001.crash. [11:23:08] Uploading /var/crash/_bin_cat.2001.crash. [11:23:08] Sent; server replied with: No error [11:23:08] Response code: 200 [11:23:08] Reported OOPS ID 3ddb1a5e-6b0c-11eb-aff9-00163ed65bda [11:23:13] Sent; server replied with: No error [11:23:13] Response code: 200 Testing that it still works with production: root@clean-groovy-amd64:~# sudo CRASH_DB_URL=https://daisy.ubuntu.com whoopsie -f [11:23:55] Using lock path: /var/lock/whoopsie/lock [11:23:55] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:23:55] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:23:55] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:23:59] Parsing /var/crash/_bin_cat.2001.crash. [11:23:59] Uploading /var/crash/_bin_cat.2001.crash. [11:24:10] Sent; server replied with: No error [11:24:10] Response code: 200 [11:24:10] Reported OOPS ID 6252751c-6b0c-11eb-98c2-fa163e983629 [11:24:13] Sent; server replied with: No error [11:24:13] Response code: 200 ** Tags removed: verification-needed verification-needed-groovy ** Tags added: verification-done verification-done-groovy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
Focal recreation of the failure: root@clean-focal-amd64:~# test/submit-crash test-crashes/hirsute/amd64/_usr_bin_apport-cli.2001.crash Submitting test-crashes/hirsute/amd64/_usr_bin_apport-cli.2001.crash ... NULL, Ubuntu 21.04, /usr/bin/apport-cli root@clean-focal-amd64:~# apt-cache policy whoopsie whoopsie: Installed: 0.2.69ubuntu0.2 ... [11:04:01] Parsing /var/crash/_usr_bin_apport-cli.2001.crash. [11:04:01] Uploading /var/crash/_usr_bin_apport-cli.2001.crash. [11:04:01] Sent; server replied with: No error [11:04:01] Response code: 200 [11:04:01] Got command: OOPSID 0 Verification of the fix: root@clean-focal-amd64:~# apt-cache policy whoopsie whoopsie: Installed: 0.2.69ubuntu0.3 root@clean-focal-amd64:~# test/submit-crash test-crashes/hirsute/amd64/_usr_bin_apport-cli.2001.crash Submitting test-crashes/hirsute/amd64/_usr_bin_apport-cli.2001.crash ... e603db9e-6b09-11eb-aff9-00163ed65bda, Ubuntu 21.04, /usr/bin/apport-cli [11:06:22] Parsing /var/crash/_usr_bin_apport-cli.2001.crash. [11:06:22] Uploading /var/crash/_usr_bin_apport-cli.2001.crash. [11:06:22] Sent; server replied with: No error [11:06:22] Response code: 200 [11:06:22] Reported OOPS ID e603db9e-6b09-11eb-aff9-00163ed65bda Additional test using production error tracker: bdmurray@clean-focal-amd64:~$ sudo CRASH_DB_URL=https://daisy.ubuntu.com whoopsie -f [11:07:37] Using lock path: /var/lock/whoopsie/lock [11:07:37] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:07:37] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:07:37] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/1 [11:07:41] Parsing /var/crash/_usr_bin_apport-cli.2001.crash. [11:07:41] Uploading /var/crash/_usr_bin_apport-cli.2001.crash. [11:07:55] Sent; server replied with: No error [11:07:55] Response code: 200 [11:07:55] Reported OOPS ID 1b83dec2-6b0a-11eb-8f66-fa163e6cac46 ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
Hello Brian, or anyone else affected, Accepted whoopsie into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/whoopsie/0.2.69ubuntu0.3 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: whoopsie (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed-focal ** Description changed: + [Note] + This SRU has been built in a security-only PPA and should be released to both -updates and -security. + [Impact] whoopsie's server_response code is using "g_string_append" instead of "g_string_append_len" which has the knock on effect of sending too much data to its "handle_response". This ends up being a problem if the daisy servers are running on Ubuntu 18.04 instead of Ubuntu 16.04. Here's an example when using whoopsie on groovy to send a crash to a bionic daisy server: [15:35:30] Sent; server replied with: No error [15:35:30] Response code: 200 [15:35:30] Initial response data is: 2bbb776e-64e6-11eb-a8d6-00163eddedf4 OOPSID 0 [15:35:30] Got command: OOPSID We can see a fair number of extra characters (\n0\n\n) after the OOSID command. This becomes more problematic when daisy requests a core dump from the client as the CORE command won't match and the client will never send the core dump. [Test Case] Setup a Bionic version of the Error Tracker: 0) modify /etc/hosts so daisy.staging.ubuntu.com points to the IP of the apache server for daisy 1) sudo service stop whoopsie 2) sudo CRASH_DB_URL=https://daisy.staging.ubuntu.com whoopsie -f 3) Run test/submit-crash test-crashes/hirsute/amd64/_bin_cat.2001.crash 4) check the whoopsie log file for "Got command: OOPSID" and extra data. With the version of whoopsie from -proposed this will not happen. Additionally, a regression test should be run against the staging version of the error tracker by removing the entry from /etc/hosts for the daisy.staging server. After confirming that one test crash works one should also send a python crash, and an end of life release crash as those all generate different response codes from the server. [Regression Potential] The code being changed is clearly wrong and doesn't confirm to the curl API https://curl.se/libcurl/c/CURLOPT_WRITEFUNCTION.html. Additionallly, this is similar to the code before r707 of daisy which introduced this change so there is little chance of regression. That being said we are running a regression test to ensure whoopsie works with servers running Ubuntu 16.04. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
Hello Brian, or anyone else affected, Accepted whoopsie into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/whoopsie/0.2.72.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-groovy. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: whoopsie (Ubuntu Groovy) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-groovy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1914481] Re: use the size of the data when determining the server response
** Changed in: whoopsie (Ubuntu Groovy) Assignee: (unassigned) => Brian Murray (brian-murray) ** Changed in: whoopsie (Ubuntu Focal) Assignee: (unassigned) => Brian Murray (brian-murray) ** Changed in: whoopsie (Ubuntu Groovy) Status: New => In Progress ** Changed in: whoopsie (Ubuntu Focal) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1914481 Title: use the size of the data when determining the server response To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1914481/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs