
Code doesn't handle exceptions stringified with trailing newlines well #11

Open
mpantelimon opened this issue Jun 15, 2015 · 1 comment

@mpantelimon

Currently there's a vulnerability in the code in that exceptions stringified to texts which end with a new line character mess up Apt's messaging system.

This happens because in APTMessage.encode() a new line is added to each header, even if that header already contained a trailing new line. Two successive new line characters seem to make Apt unable to decode the message properly, hence displaying incorrect error messages.

This may not be the case with the current code, but I bumped into this situation when throwing a Boto S3ResponseError, which happens to stringify like this:

```python
# Boto's S3ResponseError.__str__ (as quoted in the report): when body is
# empty the result ends with the '\n' that precedes it
def __str__(self):
    return '%s: %s %s\n%s' % (self.__class__.__name__, self.status, self.reason, self.body)
```

In my case the body of the exception was empty, leading to a text ending with a new line.

So the following mind-blowing thing happened:

Case A

Code:

```python
except S3ResponseError as e:
    raise Exception("something")  # message has no trailing newline
```

Outcome:

```
root@machine:/usr/lib/apt/methods# apt-get update
Err s3://some-bucket.s3.amazonaws.com stable/main amd64 Packages
Exception: something
```


Case B

Code:

```python
except S3ResponseError as e:
    raise Exception("something " + str(e))  # str(e) ends with '\n'
```

Outcome:

```
root@machine:/usr/lib/apt/methods# apt-get update
E: Method gave invalid 400 URI Failure message
E: Invalid message from method s3: URI: s3://somebucket.s3.amazonaws.com/dists/stable/InRelease
```

@vorlock
Member

vorlock commented Jun 19, 2015

Thx for reporting this issue. I'll try to have a look at it when I find a bit of time.
