Seeing out of memory errors after libexpat1 upgrade to 2.2.5-3ubuntu0.4 (bionic) or 2.2.9-1ubuntu0.2 (focal)

Bug #1961800 reported by Francis Ginther
This bug affects 10 people
Affects                    Status        Importance  Assigned to  Milestone
expat (Ubuntu)             Fix Released  Undecided   Unassigned
  Bionic                   Fix Released  Undecided   Unassigned
  Focal                    Fix Released  Undecided   Unassigned
  Jammy                    Fix Released  Undecided   Unassigned
  Kinetic                  Fix Released  Undecided   Unassigned
  Lunar                    Fix Released  Undecided   Unassigned
python-xmltodict (Ubuntu)  Invalid       Undecided   Unassigned
  Bionic                   Invalid       Undecided   Unassigned
  Focal                    Invalid       Undecided   Unassigned
  Jammy                    Invalid       Undecided   Unassigned
  Kinetic                  Invalid       Undecided   Unassigned
  Lunar                    Invalid       Undecided   Unassigned

Bug Description

I started seeing errors parsing XML files today (Feb 22, 2022) after my system was updated to 2.2.5-3ubuntu0.4. This is on a bionic server.

The parsing is being done by python3's xmltodict module, which uses python3 expat as the actual parser. This is the error it raises:

xml.parsers.expat.ExpatError: out of memory: line 1, column 0

So far this is happening on multiple xml files, although they all come from the same source (these are jenkins config.xml files). I'm working on coming up with a minimal test case which I'll provide once I have it cleaned up of any private data.

[System info]
$ lsb_release -rd
Description: Ubuntu 18.04.6 LTS
Release: 18.04

$ apt-cache policy libexpat1
libexpat1:
  Installed: 2.2.5-3ubuntu0.4
  Candidate: 2.2.5-3ubuntu0.4
  Version table:
 *** 2.2.5-3ubuntu0.4 500
        500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages
        100 /var/lib/dpkg/status
     2.2.5-3 500
        500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages

Francis Ginther (fginther) wrote :

I was able to work around the issue by downgrading to the release version of the package:

$ sudo apt-get install libexpat1=2.2.5-3 libexpat1-dev=2.2.5-3

Francis Ginther (fginther) wrote :

Attached is an example config file and python script which demonstrates the parsing error. This was reproduced on focal with:

$ apt-cache policy libexpat1
libexpat1:
  Installed: 2.2.9-1ubuntu0.2
  Candidate: 2.2.9-1ubuntu0.2
  Version table:
 *** 2.2.9-1ubuntu0.2 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
        100 /var/lib/dpkg/status
     2.2.9-1build1 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages

This example worked with 2.2.9-1build1 but not 2.2.9-1ubuntu0.2.

To run the example:

$ ./parser_example.py ./sample-config.xml

The sample-config.xml was generated by jenkins (version 2.303.2) of a freestyle project with only the job name and description set.

summary: - Seeing out of memory errors after upgrade to 2.2.5-3ubuntu0.4
+ Seeing out of memory errors after upgrade to 2.2.5-3ubuntu0.4 (bionic)
+ or 2.2.9-1ubuntu0.2 (focal)
Francis Ginther (fginther) wrote : Re: Seeing out of memory errors after upgrade to 2.2.5-3ubuntu0.4 (bionic) or 2.2.9-1ubuntu0.2 (focal)

This may be an issue with the python3 xmltodict module. Further testing indicates that parsing a file with just xml.parsers.expat is working just fine.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in expat (Ubuntu):
status: New → Confirmed
Francis Ginther (fginther) wrote :

Moving this to xmltodict as I've been able to parse multiple xml files through just python3's xml.parsers.expat without error, but none of them through xmltodict.

Changed in python-xmltodict (Ubuntu):
status: New → Confirmed
Changed in expat (Ubuntu):
status: Confirmed → Invalid
summary: - Seeing out of memory errors after upgrade to 2.2.5-3ubuntu0.4 (bionic)
- or 2.2.9-1ubuntu0.2 (focal)
+ Seeing out of memory errors after libexpat1 upgrade to 2.2.5-3ubuntu0.4
+ (bionic) or 2.2.9-1ubuntu0.2 (focal)
Po-Hsu Lin (cypressyew) wrote :

Note that version 2.2.9-1ubuntu0.2 has gone on bionic.

Valentin Lorentz (progval) wrote :

This can be reproduced without xmltodict, using only the stdlib:

>>> from xml.parsers import expat
>>> parser = expat.ParserCreate(namespace_separator=':')
>>> parser.Parse('<foo></foo>', True)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
xml.parsers.expat.ExpatError: out of memory: line 1, column 0
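
Added example, not part of the original bug thread: a small probe built on the reproduction above that reports which expat Python is linked against and whether parsing fails with the "out of memory" signature for a given namespace separator. The helper names (`probe`, `survey`, `matches_regression`) and the sample document are constructed for this illustration.

```python
"""Probe the expat linked into Python for the namespace-separator failure."""
from xml.parsers import expat
from xml.parsers.expat import errors

# Constructed minimal document, same shape as the reproduction in the thread.
SAMPLE = "<foo></foo>"

# Numeric expat error code behind the message "out of memory".
NO_MEMORY = errors.codes[errors.XML_ERROR_NO_MEMORY]


def matches_regression(code, lineno, offset):
    """True for the exact failure in the report: out of memory at line 1, column 0."""
    return code == NO_MEMORY and lineno == 1 and offset == 0


def probe(separator):
    """Parse SAMPLE with the given namespace separator (None disables namespaces).

    Returns "ok", "regression" or "other-error: <message>".
    """
    parser = expat.ParserCreate(namespace_separator=separator)
    try:
        parser.Parse(SAMPLE, True)
    except expat.ExpatError as exc:
        if matches_regression(exc.code, exc.lineno, exc.offset):
            return "regression"
        return "other-error: %s" % exc
    return "ok"


def survey(separators=(None, ":", " ", "|")):
    """Probe several separators; ':' is the one used in the reproduction."""
    return {sep: probe(sep) for sep in separators}


if __name__ == "__main__":
    print("expat linked into Python:", expat.EXPAT_VERSION)
    for sep, result in survey().items():
        print("namespace_separator=%r -> %s" % (sep, result))
```

Running it before and after a libexpat1 package change shows whether the update altered parser behaviour for the separators an application relies on.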

EugeneLVB (eugenelvb) wrote :

Confirm the problem on focal

Olivier Feys (folfure) wrote :

This issue is probably linked to a misuse of libexpat1 in the pyexpat python library.
Also happening on Debian.

Janne Myllylä (jamyllyla) wrote :

Libexpat1 is in wide use and reducing functionality without versioning seems like a bad idea. After this security update those "misusing" - or those depending on pyexpat - have now stopped working properly.

Martin Holmes (mholmes) wrote :

This also affects the rnv RELAXNG validator, which although a bit long in the tooth is still useful.

Robert Coup (rcoup) wrote :

There’s an upstream fix that has been merged: https://github.com/libexpat/libexpat/pull/577

Corey Bryant (corey.bryant) wrote :

It seems this is fixed in Ubuntu Lunar in expat 2.5.0.

Changed in python-xmltodict (Ubuntu):
status: Confirmed → Invalid
Changed in expat (Ubuntu Lunar):
status: Invalid → Fix Released
Corey Bryant (corey.bryant) wrote :

This is also fixed in kinetic via expat 2.4.8

Changed in expat (Ubuntu Kinetic):
status: New → Fix Released
Corey Bryant (corey.bryant) wrote :

Also fixed in jammy expat 2.4.7

Changed in expat (Ubuntu Jammy):
status: New → Fix Released
Corey Bryant (corey.bryant) wrote :

Also fixed in focal expat 2.2.9-1ubuntu0.6

Changed in expat (Ubuntu Focal):
status: New → Fix Released
Corey Bryant (corey.bryant) wrote :

And fixed in bionic expat 2.2.5-3ubuntu0.9

Changed in expat (Ubuntu Bionic):
status: New → Fix Released
Changed in python-xmltodict (Ubuntu Bionic):
status: New → Invalid
Changed in python-xmltodict (Ubuntu Focal):
status: New → Invalid
Changed in python-xmltodict (Ubuntu Jammy):
status: New → Invalid
Changed in python-xmltodict (Ubuntu Kinetic):
status: New → Invalid