Re: BitchX Segmentation Fault
From: Erik Sperling Johansen (erik@sperling.no)
Date: 12/28/01
- Previous message: magnet0: "Segmentation Fault in KaZaA"
- In reply to: NETKOJI: "BitchX Segmentation Fault"
- Next in thread: Ugen: "Re: BitchX Segmentation Fault"
- Reply: Ugen: "Re: BitchX Segmentation Fault"
- Reply: Harmen: "Re: BitchX Segmentation Fault"
Date: Fri, 28 Dec 2001 14:51:37 +0100 (CET)
From: "Erik Sperling Johansen" <erik@sperling.no>
To: vuln-dev@securityfocus.com
>
> Hello vuln-dev,
>
> I don't know if this is a widely known thing, but recently I.. um...
> discovered a segmentation fault bug in every BitchX irc client I've
> encountered.
There are LOTS of segfaults in BitchX. I've reported 4-5 to the
developers during the last month, but fixes seem to be slow.
> The problem occurs when you try to change your nick during a connection
> to the server. If you do it before the server registers your nick,
> BitchX drops with a segfault.
That's a new one for me. I've had several though related to code like this:

    memset(somestring, 0, strlen(somestring)-1)

There are 4-5 occurrences of these if you grep for it in the source, and
only one of these actually checks for a 0-length string.
Also, the FE builtin scripting function is broken, it will consistently
SEGV if passed: something "" something
None of the popular BitchX scripts seem to be remotely exploitable because
of this, although I didn't research too much.
-- Erik Sperling Johansen
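
The memset pattern quoted in the message above, shown as an added example (not part of the original post and not BitchX source code): on a 0-length string, `strlen(s) - 1` is computed in unsigned `size_t` and wraps to `SIZE_MAX`, so the length check has to come before the subtraction. The names `pattern_len` and `guarded_clear` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Length the quoted pattern would hand to memset(). The subtraction is done
 * in size_t, so for "" it yields SIZE_MAX rather than -1. */
static size_t pattern_len(const char *s)
{
    return strlen(s) - 1;
}

/* Guarded form (hypothetical helper): clears the same strlen(s)-1 bytes as
 * the quoted pattern for non-empty strings, and writes nothing when the
 * string is NULL or empty. Returns the number of bytes cleared. */
static size_t guarded_clear(char *s)
{
    size_t len;

    if (s == NULL)
        return 0;
    len = strlen(s);
    if (len == 0)           /* the check most call sites were missing */
        return 0;
    memset(s, 0, len - 1);
    return len - 1;
}

int main(void)
{
    /* Constructed sample buffers: an empty string followed by marker bytes,
     * and an ordinary non-empty string. */
    char empty[4] = { '\0', 'X', 'Y', 'Z' };
    char nick[8] = "secret";

    printf("pattern length for \"\":    %zu (SIZE_MAX = %zu)\n",
           pattern_len(""), (size_t)SIZE_MAX);
    printf("pattern length for \"abc\": %zu\n", pattern_len("abc"));

    printf("guarded_clear(empty) cleared %zu bytes, marker still '%c'\n",
           guarded_clear(empty), empty[1]);
    printf("guarded_clear(nick)  cleared %zu bytes\n", guarded_clear(nick));
    return 0;
}
```
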