Bug#290694: apt: http method garbles data with 'chunked' transfer-
I have this problem with apt 0.5.28.6 of testing/frozen.
It started to notice it when I was put behind a virus
scanning proxy. I started getting random package MD5
failures, even on the Packages.gz file.
Investigation (comparing a .deb from the partial directory
to the same deb fetched via wget (and double-checked with
curl), I found that the copy in partial had the same length,
but a random 0x0d missing and the following data block
shifted one byte. This is exactly as reported, and I
fully agree with Lothar when he says:
>And the routine CirclBuf::WriteTillEl() in http.cc from the apt source
>package 0.5.27 is definitely still buggy and will eat up a <CR> that
>happens to appear right at the beginning of a data chunk.
And this is on 0.5.28.6.
This means that the first
if (I < InP && Buf[I%Size] == '\r')
++I;
certainly is wrong.
Without understanding what exactly I was doing, I started by removing
these lines; but then apt hung ("waiting for headers") on any operation.
I then moved these two lines down into the
if (Single == false) {
block. Suddenly, everything started working, and I have downloaded
and installed the ~250 packages that had accumulated since that change
without problems.
ONCE AGAIN: WARNING! I HAVE NOT ANALYZED THE SOURCE FULLY AND I DO NOT
KNOW WHAT THIS CHANGE BREAKS. THIS IS MERE "GEE..IT WORKS" GUESSWORK!
If someone more acquainted with apt would please verify how far off
my guess might be?
I'd certainly vote this bug to be fixed in Sarge because apt is
a Priority: important package, and this particular bug may affect other
people behind proxies, who then will not have much chances to work
around it.
Regards,
Mario
--
Mario Lorenz Internet: <ml@vdazone.org>
Ham Radio: DL5MLO@OK0PKL.#BOH.CZE.EU
Remember: In god we trust -- all others we polygraph.
-- Jim Christy, Assistant for law enforcement, US Air Force
Reply to: