Bug#355111: konqueror: Konquerors PROPFIND infinite loops - some sort of DoS
Package: konqueror
Version: 4:3.5.1-1
Severity: normal
Hi!
Some days ago I discovered (again) Konqueror (KHTML) misbehaving on one of
my websites (http://www.buildd.net/). I blogged about this at
http://blog.windfluechter.net/?q=node/94 and therefore reporting a bug now.
Here are some Apache logfile snippets:
Example 1:
====================
host-a.univ-lyon1.fr - - [28/Feb/2006:16:37:53 +0100] "GET
/buildd/Installed_stats.png HTTP/1.1" 200 6608
"http://unstable.buildd.net/index-kfreebsd-amd
64.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.1 (like
Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:37:54 +0100] "PROPFIND /buildd/
HTTP/1.1" 405 327 "-" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5
.1 (like Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:38:18 +0100] "GET
/index-kfreebsd-amd64.html HTTP/1.1" 200 9702 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Li
nux) KHTML/3.5.1 (like Gecko) (Debian)" 0 unstable.buildd.net
====================
Everything ok.
Example 2:
====================
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:50 +0100] "GET
/index-kfreebsd-i386.html HTTP/1.1" 200 10939 "http://buildd.net/";
"Mozilla/5.0 (compatible;
Konqueror/3.5; Linux) KHTML/3.5.1 (like Gecko) (Debian)" 0
unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:53 +0100] "GET
/buildd/Installed_stats.png HTTP/1.1" 200 6252
"http://unstable.buildd.net/index-kfreebsd-i38
6.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.1 (like
Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:54 +0100] "PROPFIND /buildd/
HTTP/1.1" 302 307 "-" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5 .1 (like Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:54 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:55 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:55 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:16:46:55 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
athlon.lowpingbastards.de - - [28/Feb/2006:16:47:15 +0100] "GET
/status.phtml?<deleted> HTTP/1.0" 200
270 "-" "update-buildd.net/v0.91" 2 update.buildd.net
====================
Ok, the client now issued 4 requests in a row. Strange, but not that awful
as the next example...
Example 3:
====================
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:18 +0100] "GET
/buildd/kfreebsd-amd64_Installed.html HTTP/1.1" 200 2499
"http://unstable.buildd.net/index-kf
reebsd-amd64.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5.1 (like Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:18 +0100] "GET
/buildd/deb_txttohtml.css HTTP/1.1" 200 184
"http://unstable.buildd.net/buildd/kfreebsd-amd64
_Installed.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.1
(like Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:21 +0100] "GET
/buildd/Installed_stats.png HTTP/1.1" 200 6254
"http://unstable.buildd.net/index-kfreebsd-amd
64.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.1 (like
Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:21 +0100] "PROPFIND /buildd/
HTTP/1.1" 302 307 "-" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5
.1 (like Gecko) (Debian)" 0 unstable.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:21 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:21 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:21 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:22 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:22 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:22 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:22 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:22 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux ) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
[hundreds of requests deleted]
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:57 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
host-a.univ-lyon1.fr - - [28/Feb/2006:17:16:57 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5; Linux
) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
====================
This host (called host-a) is a different host than the one from the blog
entry, btw. Another example that this is not caused by a single misbehaving
host is the next example:
Example 4:
====================
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:13 +0100] "GET
/buildd/deb_txttohtml.css HTTP/1.1" 200 184
"http://unstable.buildd.net/buildd/kfree
bsd-amd64_Failed.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 unstable.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:18 +0100] "GET
/buildd/Needs-Build_stats.png HTTP/1.1" 200 11947
"http://unstable.buildd.net/index-
kfreebsd-amd64.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux)
KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 unstable.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/buildd/ HTTP/1.1" 302 307 "-" "Mozilla/5.0 (compatible; Konqueror/3.5;
Linux)
KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 unstable.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3
.5; Linux) KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 www.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3
.5; Linux) KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 www.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3
.5; Linux) KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 www.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3
.5; Linux) KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 www.buildd.net
97-159.surfsnel.dsl.internl.net - - [28/Feb/2006:17:41:19 +0100] "PROPFIND
/PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0 (compatible;
Konqueror/3
.5; Linux) KHTML/3.5.1 (like Gecko) Kubuntu 6.04 Dapper" 0 www.buildd.net
[hundreds of additional lines]
====================
So, the above is from Kubuntu. Maybe a hint for an upstream problem?
Just another short example to explain what *might* cause this follows.
Example 5:
====================
40.red-217-127-32.staticip.rima-tde.net - - [28/Feb/2006:21:14:16 +0100]
"GET /buildd/Needs-Build_stats.png HTTP/1.1" 200 11812
"http://unstable.buildd.ne
t/index-i386.html" "Mozilla/5.0 (compatible; Konqueror/3.5; Linux; ca)
KHTML/3.5.1 (like Gecko) (Debian)" 0 unstable.buildd.net
40.red-217-127-32.staticip.rima-tde.net - - [28/Feb/2006:21:14:17 +0100]
"PROPFIND /buildd/ HTTP/1.1" 302 307 "-" "Mozilla/5.0 (compatible;
Konqueror/3.5;
Linux; ca) KHTML/3.5.1 (like Gecko) (Debian)" 0 unstable.buildd.net
40.red-217-127-32.staticip.rima-tde.net - - [28/Feb/2006:21:14:18 +0100]
"PROPFIND /PageNotFound.html/ HTTP/1.1" 302 302 "-" "Mozilla/5.0
(compatible; Kon
queror/3.5; Linux; ca) KHTML/3.5.1 (like Gecko) (Debian)" 0 www.buildd.net
====================
As you can see, the user requested a valid file. Then he seems to want to
list the directorys contents, which is forbidden. Konqueror is redirected to
the ErrorDocument instead. It loops while issueing PROPFIND requests with
several requests per second (depending on clients processing power and
network bandwidth).
Hope this helps...
Regards,
Ingo
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13
Locale: LANG=C, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)
Versions of packages konqueror depends on:
ii kcontrol 4:3.5.1-1 control center for KDE
ii kdebase-kio-plugins 4:3.5.1-1 core I/O slaves for KDE
ii kdelibs4c2a 4:3.5.1-2 core libraries for all KDE applica
ii kdesktop 4:3.5.1-1 miscellaneous binaries and files f
ii kfind 4:3.5.1-1 file-find utility for KDE
ii libacl1 2.2.35-1 Access control list shared library
ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi
ii libattr1 2.4.31-1 Extended attribute shared library
ii libaudio2 1.7-4 The Network Audio System (NAS). (s
ii libc6 2.3.6-2 GNU C Library: Shared libraries an
ii libfam0 2.7.0-9 Client library to control the FAM
ii libfontconfig1 2.3.2-2 generic font configuration library
ii libfreetype6 2.1.10-1 FreeType 2 font engine, shared lib
ii libgcc1 1:4.0.2-9 GCC support library
ii libice6 6.9.0.dfsg.1-4 Inter-Client Exchange library
ii libidn11 0.5.18-2 GNU libidn library, implementation
ii libjpeg62 6b-11 The Independent JPEG Group's JPEG
ii libkonq4 4:3.5.1-1 core libraries for Konqueror
ii libpng12-0 1.2.8rel-5 PNG library - runtime
ii libqt3-mt 3:3.3.5-4 Qt GUI Library (Threaded runtime v
ii libsm6 6.9.0.dfsg.1-4 X Window System Session Management
ii libstdc++6 4.0.2-9 The GNU Standard C++ Library v3
ii libx11-6 6.9.0.dfsg.1-4 X Window System protocol client li
ii libxcursor1 1.1.3-1 X cursor management library
ii libxext6 6.9.0.dfsg.1-4 X Window System miscellaneous exte
ii libxft2 2.1.8.2-3 FreeType-based font drawing librar
ii libxi6 6.9.0.dfsg.1-4 X Window System Input extension li
ii libxinerama1 6.9.0.dfsg.1-4 X Window System multi-head display
ii libxrandr2 6.9.0.dfsg.1-4 X Window System Resize, Rotate and
ii libxrender1 1:0.9.0.2-1 X Rendering Extension client libra
ii libxt6 6.9.0.dfsg.1-4 X Toolkit Intrinsics
ii zlib1g 1:1.2.3-9 compression library - runtime
konqueror recommends no packages.
-- no debconf information
Reply to: