iconv get_public_sessioninfo.post -t latin1 | nc localhost 9000 2014-03-20 16:00:37 DEBUG vsmserver: Handling connection from ('127.0.0.1', 62113) 2014-03-20 16:00:37 ERROR vsmserver: Unhandled XMLRPC exception: <class 'thinlinc.vsm.xmlrpc.XMLDeMarshallingError'> ['not well-formed (invalid token): line 5, column 33', '<?xml version="1.0"?>\r\n<methodCall>\r\n <methodName>get_public_sessioninfo</methodName>\r\n <params>\r\n <param><value><string>he\xe5n01</string></value></param>\r\n <param><value><string>dhcp-252-250</string></value></param>\r\n <param><value><int>1</int></value></param>\r\n </params>\r\n</methodCall>\r\n'] Traceback (most recent call last): File "/opt/thinlinc/modules/thinlinc/vsm/async.py", line 112, in iii11 obj . handle_read_event ( ) File "/usr/lib64/python2.6/asyncore.py", line 428, in handle_read_event self.handle_read() File "/usr/lib64/python2.6/asynchat.py", line 140, in handle_read self.found_terminator() File "/opt/thinlinc/modules/thinlinc/vsm/xmlrpc.py", line 530, in found_terminator self . handle_request ( ) File "/opt/thinlinc/modules/thinlinc/vsm/xmlrpc.py", line 542, in handle_request raise XMLDeMarshallingError , [ str ( ooO ) , self . payload ] XMLDeMarshallingError: ['not well-formed (invalid token): line 5, column 33', '<?xml version="1.0"?>\r\n<methodCall>\r\n <methodName>get_public_sessioninfo</methodName>\r\n <params>\r\n <param><value><string>he\xe5n01</string></value></param>\r\n <param><value><string>dhcp-252-250</string></value></param>\r\n <param><value><int>1</int></value></param>\r\n </params>\r\n</methodCall>\r\n']
POST /RPC2 HTTP/1.1 User-Agent: Curl v125125 Host: localhost Content-Type: text/xml Content-Length: 324 <?xml version="1.0"?> <methodCall> <methodName>get_public_sessioninfo</methodName> <params> <param><value><string>heån01</string></value></param> <param><value><string>dhcp-252-250</string></value></param> <param><value><int>1</int></value></param> </params> </methodCall>
That is a malformed request as XML should be UTF-8 unless otherwise specified. This happens no matter how the data is malformed, e.g. this can trigger it: > (printf "POST /RPC2 HTTP/1.1\r\nContent-Length: 10\r\n\r\n" ; dd if=/dev/urandom) | nc localhost 904 It also happens to both vsmserver and vsmagent as they use the same parser.