Bug#774690: unblock: gearmand/1.0.6-5

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#774690: unblock: gearmand/1.0.6-5
From: Stig Sandbeck Mathisen <ssm@fnord.no>
Date: Tue, 06 Jan 2015 10:13:07 +0100
Message-id: <[🔎] 20150106091307.32726.72693.reportbug@dagon.fnord.no>
Reply-to: Stig Sandbeck Mathisen <ssm@fnord.no>, 774690@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package gearmand

This version fixes #774143 (https://bugs.debian.org/774143), a bug
which makes the gearman job server unresponsive when given an invalid
http request, causing it to loop on the CPU and consume increasing
amounts of memory until killed.

The gearman "http" responder, which has this error, is not loaded by
default, but a command line switch in /etc/default/gearman-job-server
will enable it.

diff -Nru gearmand-1.0.6/debian/changelog gearmand-1.0.6/debian/changelog
--- gearmand-1.0.6/debian/changelog	2014-07-23 11:12:37.000000000 +0200
+++ gearmand-1.0.6/debian/changelog	2015-01-06 09:47:49.000000000 +0100
@@ -1,3 +1,10 @@
+gearmand (1.0.6-5) unstable; urgency=medium
+
+  * [db0b16d] Add patch to fix endless loop on bad http request.
+    Thanks to Alexei Pastuchov (Closes: #774143)
+
+ -- Stig Sandbeck Mathisen <ssm@debian.org>  Tue, 06 Jan 2015 09:47:37 +0100
+
 gearmand (1.0.6-4) unstable; urgency=medium
 
   * Change url for uscan to use launchpad.net
diff -Nru gearmand-1.0.6/debian/patches/0001-Bug-715322-gearmand-FTBFS-on-hurd-i386.patch gearmand-1.0.6/debian/patches/0001-Bug-715322-gearmand-FTBFS-on-hurd-i386.patch
--- gearmand-1.0.6/debian/patches/0001-Bug-715322-gearmand-FTBFS-on-hurd-i386.patch	2014-07-23 11:12:48.000000000 +0200
+++ gearmand-1.0.6/debian/patches/0001-Bug-715322-gearmand-FTBFS-on-hurd-i386.patch	2015-01-06 09:51:47.000000000 +0100
@@ -57,5 +57,5 @@
    mach_timespec_t _mach_timespec;
    host_get_clock_service(mach_host_self(), CALENDAR_CLOCK, &_clock_serv);
 -- 
-2.0.1
+2.1.4
 
diff -Nru gearmand-1.0.6/debian/patches/0002-bugfix-endless-loop-on-http-bad-request-or-bad-metho.patch gearmand-1.0.6/debian/patches/0002-bugfix-endless-loop-on-http-bad-request-or-bad-metho.patch
--- gearmand-1.0.6/debian/patches/0002-bugfix-endless-loop-on-http-bad-request-or-bad-metho.patch	1970-01-01 01:00:00.000000000 +0100
+++ gearmand-1.0.6/debian/patches/0002-bugfix-endless-loop-on-http-bad-request-or-bad-metho.patch	2015-01-06 09:51:47.000000000 +0100
@@ -0,0 +1,39 @@
+From 44d251715c0857c3666cba845f1b8a80257c3bdf Mon Sep 17 00:00:00 2001
+From: Stig Sandbeck Mathisen <ssm@debian.org>
+Date: Tue, 6 Jan 2015 08:39:53 +0100
+Subject: [PATCH] bugfix endless loop on http bad request or bad method
+
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774143
+Bug: https://bugs.launchpad.net/gearmand/+bug/1348865
+Origin: http://bazaar.launchpad.net/~1-infe-w/gearmand/1.0/revision/802
+Forwarded: not-needed
+Description: Fix endless loop on bad http request
+---
+ libgearman-server/plugins/protocol/http/protocol.cc | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libgearman-server/plugins/protocol/http/protocol.cc b/libgearman-server/plugins/protocol/http/protocol.cc
+index 73393f7..720e9d8 100644
+--- a/libgearman-server/plugins/protocol/http/protocol.cc
++++ b/libgearman-server/plugins/protocol/http/protocol.cc
+@@ -293,7 +293,7 @@ public:
+     {
+       gearmand_log_error(GEARMAN_DEFAULT_LOG_PARAM, "bad request line: %.*s", (uint32_t)request_size, request);
+       set_response(gearmand::protocol::httpd::HTTP_NOT_FOUND);
+-      ret_ptr= GEARMAN_SUCCESS;
++      ret_ptr= GEARMAN_INVALID_PACKET;
+       return 0;
+     }
+ 
+@@ -329,7 +329,7 @@ public:
+       {
+         gearmand_log_error(GEARMAN_DEFAULT_LOG_PARAM, "bad method: %.*s", (uint32_t)method_size, method_str);
+         set_response(gearmand::protocol::httpd::HTTP_METHOD_NOT_ALLOWED);
+-        ret_ptr= GEARMAN_SUCCESS;
++        ret_ptr= GEARMAN_INVALID_PACKET;
+         return 0;
+       }
+     }
+-- 
+2.1.4
+
diff -Nru gearmand-1.0.6/debian/patches/series gearmand-1.0.6/debian/patches/series
--- gearmand-1.0.6/debian/patches/series	2014-07-23 11:12:48.000000000 +0200
+++ gearmand-1.0.6/debian/patches/series	2015-01-06 09:51:47.000000000 +0100
@@ -1,2 +1,3 @@
 # debian/source/git-patches exported from git by quilt-patches-deb-export-hook
 0001-Bug-715322-gearmand-FTBFS-on-hurd-i386.patch
+0002-bugfix-endless-loop-on-http-bad-request-or-bad-metho.patch
diff -Nru gearmand-1.0.6/debian/source/git-patches gearmand-1.0.6/debian/source/git-patches
--- gearmand-1.0.6/debian/source/git-patches	2014-07-23 11:12:37.000000000 +0200
+++ gearmand-1.0.6/debian/source/git-patches	2015-01-06 09:47:49.000000000 +0100
@@ -1 +1,2 @@
 upstream/1.0.6..patches/1.0.6/715322-ftbfs-on-gnu-hurd
+upstream/1.0.6..patches/1.0.6/774143-endless-loop-on-bad-request


unblock gearmand/1.0.6-5

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing'), (100, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Reply to:

Follow-Ups:
- Bug#774690: marked as done (unblock: gearmand/1.0.6-5)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: Re: Bug#774677: unblock (pre-approval): mate-terminal/1.8.1+dfsg1-4
Next by Date: Bug#774692: unblock: piuparts/0.62
Previous by thread: Bug#774688: Wrong version
Next by thread: Bug#774690: marked as done (unblock: gearmand/1.0.6-5)
Index(es):
- Date
- Thread