Bug 5032 - Backtrace when getting malformed XML-RPC data
Summary: Backtrace when getting malformed XML-RPC data
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Other (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: LowPrio
Assignee: Bugzilla mail exporter
URL:
Keywords:
Depends on:
Blocks: 7659
  Show dependency treegraph
 
Reported: 2014-03-20 16:02 CET by Henrik Andersson
Modified: 2022-01-31 10:49 CET (History)
0 users

See Also:
Acceptance Criteria:


Attachments

Description Henrik Andersson cendio 2014-03-20 16:02:57 CET
iconv get_public_sessioninfo.post -t latin1  | nc localhost 9000
2014-03-20 16:00:37 DEBUG vsmserver: Handling connection from ('127.0.0.1', 62113)
2014-03-20 16:00:37 ERROR vsmserver: Unhandled XMLRPC exception: <class 'thinlinc.vsm.xmlrpc.XMLDeMarshallingError'> ['not well-formed (invalid token): line 5, column 33', '<?xml version="1.0"?>\r\n<methodCall>\r\n   <methodName>get_public_sessioninfo</methodName>\r\n      <params>\r\n         <param><value><string>he\xe5n01</string></value></param>\r\n         <param><value><string>dhcp-252-250</string></value></param>\r\n         <param><value><int>1</int></value></param>\r\n      </params>\r\n</methodCall>\r\n'] Traceback (most recent call last):
  File "/opt/thinlinc/modules/thinlinc/vsm/async.py", line 112, in iii11
    obj . handle_read_event ( )
  File "/usr/lib64/python2.6/asyncore.py", line 428, in handle_read_event
    self.handle_read()
  File "/usr/lib64/python2.6/asynchat.py", line 140, in handle_read
    self.found_terminator()
  File "/opt/thinlinc/modules/thinlinc/vsm/xmlrpc.py", line 530, in found_terminator
    self . handle_request ( )
  File "/opt/thinlinc/modules/thinlinc/vsm/xmlrpc.py", line 542, in handle_request
    raise XMLDeMarshallingError , [ str ( ooO ) , self . payload ]
XMLDeMarshallingError: ['not well-formed (invalid token): line 5, column 33', '<?xml version="1.0"?>\r\n<methodCall>\r\n   <methodName>get_public_sessioninfo</methodName>\r\n      <params>\r\n         <param><value><string>he\xe5n01</string></value></param>\r\n         <param><value><string>dhcp-252-250</string></value></param>\r\n         <param><value><int>1</int></value></param>\r\n      </params>\r\n</methodCall>\r\n']
Comment 1 Henrik Andersson cendio 2014-03-21 08:09:43 CET
POST /RPC2 HTTP/1.1
User-Agent: Curl v125125
Host: localhost
Content-Type: text/xml
Content-Length: 324

<?xml version="1.0"?>
<methodCall>
   <methodName>get_public_sessioninfo</methodName>
      <params>
         <param><value><string>heån01</string></value></param>
         <param><value><string>dhcp-252-250</string></value></param>
         <param><value><int>1</int></value></param>
      </params>
</methodCall>
Comment 2 Pierre Ossman cendio 2021-03-09 16:58:50 CET
That is a malformed request as XML should be UTF-8 unless otherwise specified.

This happens no matter how the data is malformed, e.g. this can trigger it:

> (printf "POST /RPC2 HTTP/1.1\r\nContent-Length: 10\r\n\r\n" ; dd if=/dev/urandom) | nc localhost 904

It also happens to both vsmserver and vsmagent as they use the same parser.

Note You need to log in before you can comment on or make changes to this bug.