Bug#930574: wget -c: mishandles HTTP 416: "200 No headers, assuming HTTP/0.9"

Sat, 15 Jun 2019 12:06:34 -0700 

Package: wget
Version: 1.18-5+deb9u3
Severity: important
Control: fowarded -1 
https://lists.nongnu.org/archive/html/bug-wget/2017-12/msg00009.html
Control: fixed -1 1.19.3-1
"wget -c" mishandles HTTP 416 responses with non-empty body within persistent connections. This can lead to corruption of downloaded files: 

  $ wget -q https://www.debian.org/ https://www.debian.org/favicon.ico

  $ md5sum favicon.ico
  18b9afac212fe91cfb515caed318d068  favicon.ico

  $ truncate -s 1 favicon.ico

  $ wget -c https://www.debian.org/ https://www.debian.org/favicon.ico
  --2019-06-15 09:52:33--  https://www.debian.org/
  Resolving www.debian.org (www.debian.org)... 5.153.231.4, 130.89.148.14, 
2001:67c:2564:a119::148:14, ...
  Connecting to www.debian.org (www.debian.org)|5.153.231.4|:443... connected.
  HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

      The file is already fully retrieved; nothing to do.

  --2019-06-15 09:52:33--  https://www.debian.org/favicon.ico
  Reusing existing connection to www.debian.org:443.
  HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
  Length: unspecified
  Saving to: ‘favicon.ico’

  favicon.ico                 [      <=>                       ]   6.76K  
--.-KB/s    in 4.8s

  2019-06-15 09:52:38 (1.42 KB/s) - ‘favicon.ico’ saved [6921]

  FINISHED --2019-06-15 09:52:38--
  Total wall clock time: 5.3s
  Downloaded: 1 files, 6.8K in 4.8s (1.42 KB/s)

  $ md5sum favicon.ico
  edad94dbc8a6a9d564f9f80b0aee0e68  favicon.ico

  $ head -n5 favicon.ico

  7b
  <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  <html><head>
  <title>416 Requested Range Not Satisfiable</title>
  </head><body>

This was fixed upstream in v1.19.3:
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=693cee01099b636257f31068d75ce6b506073cfe
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=3d2b2231cdaf11e678c5f4129c2dc6cb5f4132eb

Please get this bug fixed in stretch.


-- System Information:
Debian Release: 9.9
 APT prefers stable-updates
 APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Versions of packages wget depends on:
ii  libc6        2.24-11+deb9u4
ii  libgnutls30  3.5.8-5+deb9u4
ii  libidn11     1.33-1
ii  libnettle6   3.3-1+b2
ii  libpcre3     2:8.39-3
ii  libpsl5      0.17.0-3
ii  libuuid1     2.29.2-1+deb9u1
ii  zlib1g       1:1.2.8.dfsg-5

Versions of packages wget recommends:
ii  ca-certificates  20161130+nmu1+deb9u1

--
Jakub Wilk

Reply via email to