[Popcon-developers] Bug#833695: strange popcon data on web (getting worse)

Subject: [Popcon-developers] Bug#833695: strange popcon data on web (getting worse)
From: aoki.osamu@gmail.com (Osamu Aoki)
Date: Mon, 18 Sep 2017 14:29:53 +0900
Message-id: <[🔎] 20170918052953.ut6ilrodpf65dvi7@tc4.so-net.ne.jp>
References: <1470611238.617448.688609841.673FC9D9@webmail.messagingengine.com>

Hi,

I just noticed popcon data is full of strange package names with illegal
characters:

 ^@    (Ox00)
 ^A    (Ox01)
 /
 <
 -     (starting)
 _
 .

Situation may be getting worse than what Chris reported as I see the
data.

For example:
Package: /mCTge2x                           0     0     0     1
Package: /miv5p4ngaN05^Atkg-30/iLe/usro0400     0     0     0     1
Package: /ml/ccSe3d1emdyn03bCe5.-mt6        0     0     0     1
Package: /onninpxs3modeits                  0     0     0     1
Package: /r3n4qLD9341s0OsMsl2l0160m00       0     0     0     1
Package: /r3n4qLD93Osk.jarrac5502e/gsa00     0     0     0     1
Package: /sa                                0     0     0     1
Package: /sbin/setcap                       0     0     0     1
Package: /shinrmsgmaddrr0aatngs1xir/-0H0o9urWxm/d0a6     0     0     0     1
Package: /su<Olibqmi-proxy                  0     0     0     1
Package: /tc6                               0     0     0     1
Package: /tcEMT_neeeearly2Oonur             0     0     0     1
Package: /toovcbietdiauliai6_nib3_rsnpranoe/ia/i6_nib3mcpdds-dn     0     0     0     1
Package: /toovctpa.erNv8ATIwdcw.cagx0eemb/nbualry/yc._-r0eemb/nbualry/yc._-r0eemb/nbualry/yc._-no6i1mkbubr5iriumglscbubr5iriumsceiumgrsR0np/0/r.-sR0np/0.h3oipsR0np/0/gg_C2dxmhlwpe.aPi1/ez6ve-HI1ss_r/ezkaa/p.ouaoec._n.gg_Cnib3_-r0eem.4t4/W2ht-/es0/gdaspp.oss-r0eem.4t4/W2ht-/es0/gdaspp.oss-r0eem.4t4t4gyefziimimweltthjo.eb.g6miis0ai6isPsTU4ygy6Mhpaterap8i-     0     0     0     1
Package: /u                                 0     0     0     1
Package: /u-CT0                             0     0     0     1
Package: /u-CTbin                           0     0     0     1
Package: /u0240akla                         0     0     0     1
Package: /u0k-52Lples2T-gb_it0600           0     0     0     1
Package: /u2Bit.duntsse-mby-sr/nk94400      0     0     0     1
Package: /u3Tuby-crhashemk3bsetuTuby-crhashemk3bsetuTuby-crhashemk3bsetuTuby-ashemk3bsetu.bsetuTuby-ashemk3bsetu.bsetuTubyr.m.Dte-CTI     0     0     0     1
Package: /u4yWa1bpython3-pyc-n_ty           0     0     0     1

Then I saw this bug report.

I think popcon data gathering tool should filter out the entire report
from the client sending bogus data.

This maybe just broken user hacked client but this may be some kind of
intrusion efforts.  Chris's comment seems toindicate these are caused by
a bug.  That's better than what I was afraid.

These useless data may choke other parsers (I parse this to make a set
of data for debian-reference).

For now, I will filter these data out here ...

Chris, who should we ask to get this fixed?

Regards,

Osamu

Reply to:

Follow-Ups:
- [Popcon-developers] Bug#833695: Bug#833695: strange popcon data on web (getting worse)
  - From: ballombe@debian.org (Bill Allombert)
- [Popcon-developers] Bug#833695: Bug#833695: strange popcon data on web (getting worse)
  - From: ballombe@debian.org (Bill Allombert)

Prev by Date: [Popcon-developers] the future of popcon-developers@lists.alioth.debian.org
Next by Date: [Popcon-developers] Bug#833695: strange popcon data on web (getting worse)
Previous by thread: [Popcon-developers] the future of popcon-developers@lists.alioth.debian.org
Next by thread: [Popcon-developers] Bug#833695: strange popcon data on web (getting worse)
Index(es):
- Date
- Thread