Bug#781858: apt: dangling pointer crash

To: David Kalnischkies <david@kalnischkies.de>
Cc: Tomasz Buchert <tomasz@debian.org>, 781858@bugs.debian.org
Subject: Bug#781858: apt: dangling pointer crash
From: Chris Bainbridge <chris.bainbridge@gmail.com>
Date: Mon, 6 Apr 2015 23:24:55 +0100
Message-id: <[🔎] CAP-bSRasDx3NQt0nHr_4cPOFX+wCA-K1sSxW5mzWzsrOoyeV-Q@mail.gmail.com>
Reply-to: Chris Bainbridge <chris.bainbridge@gmail.com>, 781858@bugs.debian.org
In-reply-to: <[🔎] 20150406202141.GA23546@crossbow>
References: <[🔎] CAP-bSRZ8deNZ_oiGZY6bVQXJp713kE1BkCCKGX0v6Lb69JnBVQ@mail.gmail.com> <[🔎] 20150406124633.GA14996@buchert.pl> <[🔎] CAP-bSRbfBvb=VY6VXk2+X9rc-by7wOOjCTM5U5e5baJwiNSuhQ@mail.gmail.com> <[🔎] 20150406134401.GA21260@buchert.pl> <[🔎] 20150406202141.GA23546@crossbow>

On 6 April 2015 at 21:21, David Kalnischkies <david@kalnischkies.de> wrote:
>
> I wonder what is so special about aptdaemon that it has problems now -
> so can someone please verify that this is really the problem and not
> just the first thing someone stumbled over while trying to find
> a culprit (no blame, it would be my first bet, too)?

Ok so the deduction process started with:

  File "/usr/lib/
python3/dist-packages/aptdaemon/progress.py", line 309, in _emit_acquire_item
    elif item.owner.mode:
UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 3-4:
invalid continuation byte"

This is the bug pattern that apparently gets hit ~200 times a day.

It is a python3 / UTF-8 problem.
The switch to python3 means that strings are UTF-8 by default; whereas
previously all strings were valid, now only UTF-8 strings are valid.
The reported crashes are in the python wrapper function handling the
get of 'mode'.
All this function does is read Mode and convert it to a Python string
(1 line of code).
So Mode is not valid UTF-8. Why? What sets Mode?
Mode is only set to string literals in apt source
Apart from in one place...
I saw the assignment before the comment (grep); the comment just
confirmed it was an issue

It's a crash with bad data at Mode, Mode is only ever set to string
literals, except for the dangling pointer to random data.

> Anyway, if that is really a problem we can fix that in a more compatible
> way: Instead of assigning the decompProg string, we can go with "decomp"
> or "unpack" or similar such. Its used only for display proposes anyway
> and if a user sees a "bzip2 21kB/42kB" or a "decomp 21/kB/42kB"² should
> not matter much (trivial diff attached).

Looks fine.

> ² 'decomp' mostly because apt has a tendency to use incomprehensible
> strings here – or does any "normal" user know what "rred" is?
> Most who see it think its a typo for 'read' after all. ;)

I did wonder what Mode was for when I first saw it - apt-python
describes Mode as "A localized string such as 'Fetching' which
indicates the current mode." But in the apt source, it was not
localized, and never got set to anything as descriptive as "Fetching",
which initially made me think it was some other variable.

Reply to:

References:
- Bug#781858: apt: dangling pointer crash
  - From: Chris Bainbridge <chris.bainbridge@gmail.com>
- Bug#781858: apt: dangling pointer crash
  - From: Tomasz Buchert <tomasz@debian.org>
- Bug#781858: apt: dangling pointer crash
  - From: Chris Bainbridge <chris.bainbridge@gmail.com>
- Bug#781858: apt: dangling pointer crash
  - From: Tomasz Buchert <tomasz@debian.org>
- Bug#781858: apt: dangling pointer crash
  - From: David Kalnischkies <david@kalnischkies.de>

Prev by Date: Bug#781858: apt: dangling pointer crash
Next by Date: Personaliseer de badges en plastic kaarten van uw bedrijf
Previous by thread: Bug#781858: apt: dangling pointer crash
Next by thread: Processed: Re: Bug#781858: apt: dangling pointer crash
Index(es):
- Date
- Thread