Vulnerability Development mailing list archives

Re: BitchX Segmentation Fault


From: "Erik Sperling Johansen" <erik () sperling no>
Date: Fri, 28 Dec 2001 14:51:37 +0100 (CET)


Hello vuln-dev,

I don't know if this is a widely known thing, but recently I.. um...
discovered a segmentation fault bug in every BitchX irc client I've
encountered.

There are LOTS of segfaults in BitchX. I've reported 4-5 to the 
developers during the last month, but fixes seem to be slow.

The problem occurs when you try to change your nick during a connection
to the server. If you do it before the server registers your nick,
BitchX drops with a segfault. 

That's a new one for me. I've had several though related to code like this:
memset(somestring, 0, strlen(somestring)-1)

There are 4-5 occurrences of these if you grep for it in the source, and 
only one of these actually checks for a 0-length string.

Also, the FE builtin scripting function is broken, it will consistently 
SEGV if passed: something "" something

None of the popular BitchX scripts seem to be remotely exploitable because 
of this, although I didn't research too much.



-- 
Erik Sperling Johansen


