dhis2-devs team mailing list archive

Thread
Date

Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?

To: Mark Polak <mark@xxxxxxxxx>
From: Calle Hedberg <calle.hedberg@xxxxxxxxx>
Date: Tue, 18 Oct 2016 14:41:58 +0200
Cc: Dan Cocos <dcocos@xxxxxxxxx>, dhis2-devs <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CALhJ3PJ-0r7TusvESDBpOi+a4fBZuO2gk8NLsV9gvsEOezKTnQ@mail.gmail.com>
Reply-to: calle.hedberg@xxxxxxxxx

Mark,

Thanks for the clarification. Now at least you guys know you are under 24
hours surveillance, no monkey bizniz will go unpunished....  ;-)

Regards
Calle

On 18 October 2016 at 12:30, Mark Polak <mark@xxxxxxxxx> wrote:

> Hey Calle,
>
> Halvdan is right, there has been a deployment of the maintenance app that
> included a bunch of irrelevant files as we accidentally deployed some files
> due to a deploy process that is not really ironed out perfectly yet. That
> should be nothing to worry about though.
>
> The size of the .war file will likely go down again with the next
> backport. You can safely deploy them :)
>
>
> On Tue, Oct 18, 2016 at 9:15 AM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
> wrote:
>
>> Halvdan,
>>
>> Far-fetched it might be, but the fact is that all war versions from 2.18
>> and up have had only minor size fluctuations (<1mb) up to now - I've been
>> keeping a set & updating them regularly for the last 2 years. That 20mb+
>> change is clearly abnormal, in particular when you consider the smaller
>> size of 2.25 (which means the bloating of 2.24 cannot be a result of
>> additional libraries now added to the code bundle)
>>
>> For now, I'm not deploying those bloated versions anywhere - better safe
>> than sorry and all that
>>
>> Regards
>> calle
>>
>> On 17 October 2016 at 19:00, Halvdan Hoem Grelland <halvdan@xxxxxxxxx>
>> wrote:
>>
>>> The idea that this is caused by malicious code is a bit far fetched.
>>>
>>> An educated guess:
>>>
>>> All of our "bundled" apps are now developed outside of the core code
>>> repository. They are then pulled in at build time and bundled into the
>>> final distribution war-file.
>>>
>>> In practice this means that it's possible for a distribution built from
>>> the same code base but at different times to contain different (minor)
>>> versions of the bundles app(s). This would reflect in the file size of the
>>> final artifact (and the hashes would differ, of course).
>>>
>>> That said, 20 or so megs is a lot, so not sure exactly what's been going
>>> on there. Maybe someone from the frontend team (Mark, looking at you) could
>>> shed some light (or disprove my theory).
>>>
>>> On Mon, Oct 17, 2016 at 6:26 PM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>> wrote:
>>>
>>>> Dan,
>>>>
>>>> Maybe - but then why is the 2.25 war file size much small again? It
>>>> makes no sense to introduce a new set of libraries at the same time as 2.25
>>>> is releases WITHOUT the same libs.
>>>>
>>>> Let's hope somebody from the core team can throw some light on this
>>>> when they sober up ;-)
>>>>
>>>> Regards
>>>> Calle
>>>>
>>>> On 17 October 2016 at 18:24, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>>>
>>>>> This is the commit where it increased in size
>>>>> https://github.com/dhis2/dhis2-core/commit/7f702badae3d701b8
>>>>> 64b0938c728f5993fb1ecd0
>>>>> 9d1eb33 is 136.4MB
>>>>> 7f702ba is 164.7MB
>>>>>
>>>>> I don't see anything obvious but maybe a new set of libs were
>>>>> introduced?
>>>>>
>>>>>
>>>>>
>>>>> On Oct 17, 2016, at 12:14 PM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>>>> wrote:
>>>>>
>>>>> Dan
>>>>>
>>>>> OK, but that's really weird. The 2.24 build from 5 days ago was
>>>>> 138mb....
>>>>>
>>>>> Anybody from the core team have an explanation? I don't want to use
>>>>> the new version before I know if there are nails in the soup....
>>>>>
>>>>> Regards
>>>>> Calle
>>>>>
>>>>> On 17 October 2016 at 17:31, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>>>>
>>>>>> Our build shows the same, 2.24 latest is 164MB
>>>>>>
>>>>>> On Oct 16, 2016, at 9:59 AM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>>>>> wrote:
>>>>>>
>>>>>> Dan,
>>>>>>
>>>>>> The latest one, from this morning (see http://ci.dhis2.org/job/d
>>>>>> his2-2.24/,   number #89)
>>>>>>
>>>>>> Regards
>>>>>> Calle
>>>>>>
>>>>>> On 16 October 2016 at 15:34, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>>>>>
>>>>>>> Hi Calle,
>>>>>>>
>>>>>>> Is there a specific revision that I can look at? We  maintain our
>>>>>>> own build server and I can compare.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Dan
>>>>>>>
>>>>>>>
>>>>>>> *Dan Cocos*
>>>>>>> Principal, BAO Systems
>>>>>>> dcocos@xxxxxxxxxxxxxx <nhobby@xxxxxxxxxxxxxx> | http:/
>>>>>>> /www.baosystems.com |  2900 K Street, Suite 404, Washington D.C.
>>>>>>> 20007
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Oct 16, 2016, at 6:39 AM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I've downloaded the latest war files for 2.21 to 2.25 from the
>>>>>>> continuation server, and I noticed some very strange and LARGE changes in
>>>>>>> war file sizes compared to 2-3 days ago:
>>>>>>>
>>>>>>> - 2.21 and 2.22 are more or less as before.
>>>>>>> - 2.23 have increased from 118mb to 119mb (should be OK).
>>>>>>> BUT
>>>>>>> - 2.24 have jumped from 136mb to 164mb (SUSPECT)
>>>>>>> - 2.25 are more or less as before (144mb)
>>>>>>>
>>>>>>> Can somebody explain why 2.24 size has expanded like that, and
>>>>>>> verify that it does not contain additional foreign malicious code?
>>>>>>>
>>>>>>> Regards
>>>>>>> Calle
>>>>>>>
>>>>>>> *******************************************
>>>>>>>
>>>>>>> Calle Hedberg
>>>>>>>
>>>>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>>>>
>>>>>>> Tel/fax (home): +27-21-685-6472
>>>>>>>
>>>>>>> Cell: +27-82-853-5352
>>>>>>>
>>>>>>> Iridium SatPhone: +8816-315-19119
>>>>>>>
>>>>>>> Email: calle.hedberg@xxxxxxxxx
>>>>>>>
>>>>>>> Skype: calle_hedberg
>>>>>>>
>>>>>>> *******************************************
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Mailing list: https://launchpad.net/~dhis2-devs
>>>>>>> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>>>>>>> Unsubscribe : https://launchpad.net/~dhis2-devs
>>>>>>> More help   : https://help.launchpad.net/ListHelp
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *******************************************
>>>>>>
>>>>>> Calle Hedberg
>>>>>>
>>>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>>>
>>>>>> Tel/fax (home): +27-21-685-6472
>>>>>>
>>>>>> Cell: +27-82-853-5352
>>>>>>
>>>>>> Iridium SatPhone: +8816-315-19119
>>>>>>
>>>>>> Email: calle.hedberg@xxxxxxxxx
>>>>>>
>>>>>> Skype: calle_hedberg
>>>>>>
>>>>>> *******************************************
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *******************************************
>>>>>
>>>>> Calle Hedberg
>>>>>
>>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>>
>>>>> Tel/fax (home): +27-21-685-6472
>>>>>
>>>>> Cell: +27-82-853-5352
>>>>>
>>>>> Iridium SatPhone: +8816-315-19119
>>>>>
>>>>> Email: calle.hedberg@xxxxxxxxx
>>>>>
>>>>> Skype: calle_hedberg
>>>>>
>>>>> *******************************************
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *******************************************
>>>>
>>>> Calle Hedberg
>>>>
>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>
>>>> Tel/fax (home): +27-21-685-6472
>>>>
>>>> Cell: +27-82-853-5352
>>>>
>>>> Iridium SatPhone: +8816-315-19119
>>>>
>>>> Email: calle.hedberg@xxxxxxxxx
>>>>
>>>> Skype: calle_hedberg
>>>>
>>>> *******************************************
>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list: https://launchpad.net/~dhis2-devs
>>>> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>>>> Unsubscribe : https://launchpad.net/~dhis2-devs
>>>> More help   : https://help.launchpad.net/ListHelp
>>>>
>>>>
>>>
>>>
>>> --
>>> Halvdan Hoem Grelland
>>> Software developer, DHIS 2
>>> University of Oslo
>>> http://www.dhis2.org <https://www.dhis2.org/>
>>>
>>>
>>
>>
>> --
>>
>> *******************************************
>>
>> Calle Hedberg
>>
>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>
>> Tel/fax (home): +27-21-685-6472
>>
>> Cell: +27-82-853-5352
>>
>> Iridium SatPhone: +8816-315-19119
>>
>> Email: calle.hedberg@xxxxxxxxx
>>
>> Skype: calle_hedberg
>>
>> *******************************************
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~dhis2-devs
>> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~dhis2-devs
>> More help   : https://help.launchpad.net/ListHelp
>>
>>
>
>
> --
> Regards,
>
>
> Mark Polak
> Software developer, DHIS 2
> University of Oslo
> http://www.dhis2.org <https://www.dhis2.org/>
> mark@xxxxxxxxx
>



-- 

*******************************************

Calle Hedberg

46D Alma Road, 7700 Rosebank, SOUTH AFRICA

Tel/fax (home): +27-21-685-6472

Cell: +27-82-853-5352

Iridium SatPhone: +8816-315-19119

Email: calle.hedberg@xxxxxxxxx

Skype: calle_hedberg

*******************************************

References

Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-16
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-16
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-17
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-17
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Halvdan Hoem Grelland, 2016-10-17
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-18
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Mark Polak, 2016-10-18