Vulnerability Development mailing list archives
Re: BitchX Segmentation Fault
From: Harmen <sigmo () cc3133-a sigmo cx>
Date: Fri, 28 Dec 2001 22:45:00 +0100
Well then I also have 2 bugs.

1: part a channel before joining: /part #channel before a /join
2: /alias blaat blaat ; /blaat

Harmen

On Fri, Dec 28, 2001 at 02:51:37PM +0100, Erik Sperling Johansen wrote:
> > Hello vuln-dev,
> >
> > I don't know if this is a widely known thing, but recently I.. um... discovered a segmentation fault bug in every BitchX irc client I've encountered.
>
> There are LOTS of segfaults in BitchX. I've reported 4-5 to the developers during the last month, but fixes seem to be slow.
>
> > The problem occurs when you try to change your nick during a connection to the server. If you do it before the server registers your nick, BitchX drops with a segfault.
>
> That's a new one for me. I've had several though related to code like this:
>
>     memset(somestring, 0, strlen(somestring)-1)
>
> There are 4-5 occurrences of these if you grep for it in the source, and only one of these actually checks for a 0-length string. Also, the FE builtin scripting function is broken, it will consistently SEGV if passed:
>
>     something "" something
>
> None of the popular BitchX scripts seem to be remotely exploitable because of this, although I didn't research too much.
>
> --
> Erik Sperling Johansen
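The `memset(somestring, 0, strlen(somestring)-1)` pattern quoted in the message above, worked through as an added example (not code from the thread or from the BitchX source): `strlen()` returns an unsigned `size_t`, so on a 0-length string the subtraction wraps to `SIZE_MAX` and `memset()` is asked to clear the whole address space. The function names `quoted_pattern_len` and `clear_all_but_last` and the sample strings are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Length argument the quoted pattern passes to memset(): strlen(s) - 1,
 * computed in unsigned size_t arithmetic. Only the length is computed
 * here; the out-of-bounds memset() itself is never performed. */
static size_t quoted_pattern_len(const char *s)
{
    return strlen(s) - 1;          /* wraps to SIZE_MAX when s is "" */
}

/* Hypothetical hardened helper: same effect as the quoted call for a
 * non-empty string (zero everything except the last character), and a
 * no-op for a 0-length string. Returns the number of bytes cleared. */
static size_t clear_all_but_last(char *s)
{
    size_t len = strlen(s);

    if (len == 0)                  /* the check most call sites lacked */
        return 0;
    memset(s, 0, len - 1);
    return len - 1;
}

int main(void)
{
    char nick[] = "nickname";      /* constructed sample input */
    char empty[] = "";             /* constructed 0-length string */

    printf("quoted pattern, non-empty: %zu bytes\n", quoted_pattern_len(nick));
    printf("quoted pattern, empty:     %zu bytes (SIZE_MAX = %zu)\n",
           quoted_pattern_len(empty), (size_t)SIZE_MAX);

    printf("hardened, non-empty: cleared %zu bytes\n", clear_all_but_last(nick));
    printf("hardened, empty:     cleared %zu bytes\n", clear_all_but_last(empty));
    return 0;
}
```

When auditing a code base for this pattern, any `strlen(x) - N` used as a size or index deserves the same check, since the wraparound is silent at compile time.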
Current thread:
- BitchX Segmentation Fault NETKOJI (Dec 23)
- Re: BitchX Segmentation Fault Erik Sperling Johansen (Dec 28)
- Re: BitchX Segmentation Fault Ugen (Dec 28)
- Re: BitchX Segmentation Fault Erik Sperling Johansen (Dec 29)
- Re: BitchX Segmentation Fault cathedral (Dec 29)
- Re: BitchX Segmentation Fault Ugen (Dec 28)
- Re: BitchX Segmentation Fault Harmen (Dec 28)
- Re: BitchX Segmentation Fault Erik Sperling Johansen (Dec 28)
- <Possible follow-ups>
- Re: BitchX Segmentation Fault gaksamit2 (Dec 29)