Issue #349: Certain koji calls crash when changelog contains unprintable characters - koji

koji

#349 Certain koji calls crash when changelog contains unprintable characters

Closed: Fixed 6 years ago Opened 7 years ago by puiterwijk.

When non-printable characters are added into the changelog, the Koji buildinfo page becomes totally unavailable for that build, just like getRPMHeaders calls for that build.

This is effectively causing a denial of service.

An example is at https://koji.fedoraproject.org/koji/buildinfo?buildID=869564 (cockpit-135-1.fc26).

The web interface errors with:

The main server returned an invalid response. This could be caused by a network issue or load issues on the server.
ExpatError: not well-formed (invalid token): line 21, column 77

The client returns:

Mar 16 08:50:05 bodhi-backend01.phx2.fedoraproject.org fedmsg-hub[14214]: [2017-03-16 08:50:05][      koji    INFO]f26-updates-testing Try #30 for call 1 (getRPMHeaders) failed: not well-formed (invalid token): line 30, column 77
Mar 16 08:50:15 bodhi-backend01.phx2.fedoraproject.org fedmsg-hub[14214]: [2017-03-16 08:50:15][bodhi.server WARNING]f26-updates-testing Failed 3 times to get rpm header data from koji for cockpit-135-1.fc26:  not well-formed (invalid token): line 30, column 77

This is caused by the fact that xmlrpclib does not handle unprintable characters, e.g.:

import xmlrpclib
p, _ = xmlrpclib.getparser()
a = u"<test>\x1a</test>"
p.feed(a)

mikem commented 7 years ago

Experiment shows that the decoder fails on any nonprintable characters, with the exception of tab, lf, and cr (the encoder does not seem to care). Valid utf8 is fine.

mikem commented 7 years ago

It's definitely not unicode in general. We handle that all the time.