From: Harmen (sigmocc3133-a.sigmo.cx)
Date: Fri Dec 28 2001 - 15:45:00 CST

    Well then I also have 2 bugs.

    1: part a channel before joining: /part #channel before a /join
    2: /alias blaat blaat ; /blaat

    Harmen

    On Fri, Dec 28, 2001 at 02:51:37PM +0100, Erik Sperling Johansen wrote:
    > >
    > > Hello vuln-dev,
    > >
    > > I don't know if this is a widely known thing, but recently I.. um...
    > > discovered a segmentation fault bug in every BitchX irc client I've
    > > encountered.
    >
    > There are LOTS of segfaults in BitchX. I've reported 4-5 to the
    > developers during the last month, but fixes seem to be slow.
    >
    > > The problem occurs when you try to change your nick during a connection
    > > to the server. If you do it before the server registers your nick,
    > > BitchX drops with a segfault.
    >
    > That's a new one for me. I've had several though related to code like this:
    > memset(somestring, 0, strlen(somestring)-1)
    >
    > There are 4-5 occurrences of these if you grep for it in the source, and
    > only one of these actually checks for a 0-length string.
    >
    > Also, the FE builtin scripting function is broken, it will consistently
    > SEGV if passed: something "" something
    >
    > None of the popular BitchX scripts seem to be remotely exploitable because
    > of this, although I didn't research too much.
    >
    >
    >
    > --
    > Erik Sperling Johansen
    >
    >
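
The `memset(somestring, 0, strlen(somestring)-1)` pattern quoted in the thread above, shown as an added example that is not part of the original messages or the BitchX source: `strlen()` returns an unsigned `size_t`, so for an empty string the subtraction wraps to `SIZE_MAX` instead of -1. The helper names and sample buffers are hypothetical and constructed for illustration; the guarded form assumes the intent was to keep the same behaviour for non-empty strings.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Length the quoted pattern hands to memset(): strlen(s) - 1 computed in
 * size_t arithmetic. For an empty string this wraps to SIZE_MAX, so the
 * memset would try to zero the whole address space and fault. */
static size_t quoted_clear_len(const char *s)
{
    return strlen(s) - 1;
}

/* Guarded form (hypothetical helper): identical effect for non-empty
 * strings, no write at all for NULL or "". Returns the bytes cleared. */
static size_t clear_string_guarded(char *s)
{
    size_t len;

    if (s == NULL)
        return 0;
    len = strlen(s);
    if (len == 0)          /* the check most call sites were missing */
        return 0;
    memset(s, 0, len - 1);
    return len - 1;
}

int main(void)
{
    char empty[16] = "";       /* constructed sample: zero-length input */
    char chan[16] = "#test";   /* constructed sample: non-empty input */

    /* Only the length is computed here; the unguarded memset is never run. */
    printf("unguarded length for \"\": %zu (SIZE_MAX = %zu)\n",
           quoted_clear_len(empty), (size_t)SIZE_MAX);
    printf("guarded clear of \"\": %zu bytes\n", clear_string_guarded(empty));
    printf("guarded clear of \"#test\": %zu bytes\n", clear_string_guarded(chan));
    return 0;
}
```

When auditing for this pattern, grep for `strlen(` followed by a subtraction inside a length argument and confirm each call site rejects the zero-length case first.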