size mismatch error if request of unknown size is larger than others
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned | ||
Groovy |
Won't Fix
|
Undecided
|
Unassigned | ||
Hirsute |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Downloads fail if:
- there is at least one package each with Size and no size on a mirror
- a package without a Size field is larger than a package with a Size field that's currently in the pipeline
Also, this was silent, we need to add an error so people fix repos. For hirsute and earlier, this is a warning; for hirsute+1 it's an error so people's CI fails on them and doesn't "succeed with warnings"
[Test plan]
We have included a test case in the apt integration tests, which downloads three packages a, b, c where b is largest and has no Size field. With 2.2.2, it fails; with 2.2.3 it succceeds.
We have also added a test case that a warning is shown.
[Where problems could occur]
Problems can only occur if you try to download packages without a Size field, as that is the only place code changes (adding code guarded with if ... Size ... == 0; 0 being unknown size).
[Other changes]
2.2.3 includes the same change as 2.2.2ubuntu1
[Original bug report]
1) Ubuntu 18.04.5 LTS
2) apt 1.6.12ubuntu0.2
3) What you expected to happen
I set a custom set of repositories in /etc/apt/
4) What happened instead
"apt install ..." fails during the download phase with "File has unexpected size ...."
5) What I've established trying to debug the issue:
- Disabling http pipelining resolves the issue: "apt -oAcquire:
- All the packages, and repo metadata in the referenced repositories is correct
- The issue is easily reproducible in my setup with different repositories
- tcpdump shows that requests and responses are in the correct order, and contain the correct data
More details about the issue: https:/
With all the above in mind, it appears that this must be a bug in apt's http pipeline handling.
It seem that apt is trying to match a request to do wrong response, and size doesn't match.
I've attached an example log, where the error pops up for multiple packages, and they all appear to be compared to one size (86464 bytes). That size is correct for one of the package being downloaded, but somehow apt is trying to match to multiple other packages.
summary: |
- apt install - File has unexpected size - http pipeline + size mismatch error if request of unknown size is larger than others |
Changed in apt (Ubuntu Hirsute): | |
status: | Triaged → Fix Committed |
description: | updated |
description: | updated |
description: | updated |
Please let me know if you can reproduce this with 2.2.2 in hirsute. No changes can be made to the http method in stable releases, as it's super fragile - Every time we make changes, something else breaks.