[Popcon-developers] Bug#833695: Bug#833695: strange popcon data on web (getting worse)
Bill Allombert
ballombe at debian.org
Mon Sep 18 10:44:24 UTC 2017
On Mon, Sep 18, 2017 at 02:29:53PM +0900, Osamu Aoki wrote:
> Hi,
>
> I just noticed popcon data is full of strange package names with illegal
> characters:
>
> ^@ (Ox00)
> ^A (Ox01)
> /
> <
> - (starting)
> _
> .
>
> Situation may be getting worse than what Chris reported as I see the
> data.
>
> For example:
> Package: /mCTge2x 0 0 0 1
> Package: /miv5p4ngaN05^Atkg-30/iLe/usro0400 0 0 0 1
> Package: /ml/ccSe3d1emdyn03bCe5.-mt6 0 0 0 1
> Package: /onninpxs3modeits 0 0 0 1
> Package: /r3n4qLD9341s0OsMsl2l0160m00 0 0 0 1
> Package: /r3n4qLD93Osk.jarrac5502e/gsa00 0 0 0 1
> Package: /sa 0 0 0 1
> Package: /sbin/setcap 0 0 0 1
> Package: /shinrmsgmaddrr0aatngs1xir/-0H0o9urWxm/d0a6 0 0 0 1
> Package: /su<Olibqmi-proxy 0 0 0 1
> Package: /tc6 0 0 0 1
> Package: /tcEMT_neeeearly2Oonur 0 0 0 1
> Package: /toovcbietdiauliai6_nib3_rsnpranoe/ia/i6_nib3mcpdds-dn 0 0 0 1
> Package: /toovctpa.erNv8ATIwdcw.cagx0eemb/nbualry/yc._-r0eemb/nbualry/yc._-r0eemb/nbualry/yc._-no6i1mkbubr5iriumglscbubr5iriumsceiumgrsR0np/0/r.-sR0np/0.h3oipsR0np/0/gg_C2dxmhlwpe.aPi1/ez6ve-HI1ss_r/ezkaa/p.ouaoec._n.gg_Cnib3_-r0eem.4t4/W2ht-/es0/gdaspp.oss-r0eem.4t4/W2ht-/es0/gdaspp.oss-r0eem.4t4t4gyefziimimweltthjo.eb.g6miis0ai6isPsTU4ygy6Mhpaterap8i- 0 0 0 1
> Package: /u 0 0 0 1
> Package: /u-CT0 0 0 0 1
> Package: /u-CTbin 0 0 0 1
> Package: /u0240akla 0 0 0 1
> Package: /u0k-52Lples2T-gb_it0600 0 0 0 1
> Package: /u2Bit.duntsse-mby-sr/nk94400 0 0 0 1
> Package: /u3Tuby-crhashemk3bsetuTuby-crhashemk3bsetuTuby-crhashemk3bsetuTuby-ashemk3bsetu.bsetuTuby-ashemk3bsetu.bsetuTubyr.m.Dte-CTI 0 0 0 1
> Package: /u4yWa1bpython3-pyc-n_ty 0 0 0 1
>
> Then I saw this bug report.
>
> I think popcon data gathering tool should filter out the entire report
> from the client sending bogus data.
>
> This maybe just broken user hacked client but this may be some kind of
> intrusion efforts. Chris's comment seems toindicate these are caused by
> a bug. That's better than what I was afraid.
>
> These useless data may choke other parsers (I parse this to make a set
> of data for debian-reference).
>
> For now, I will filter these data out here ...
I will have a look, but this bug report is unrelated.
I do not want to be in the business of deciding what it is valid and what
is not.
Cheers,
--
Bill. <ballombe at debian.org>
Imagine a large red swirl here.
More information about the Popcon-developers
mailing list