Well then I also have 2 bugs.

1: part a channel before joining: /part #channel before a /join
2: /alias blaat blaat ; /blaat

Harmen

On Fri, Dec 28, 2001 at 02:51:37PM +0100, Erik Sperling Johansen wrote:
> > Hello vuln-dev,
> >
> > I don't know if this is a widely known thing, but recently I.. um...
> > discovered a segmentation fault bug in every BitchX irc client I've
> > encountered.
>
> There are LOTS of segfaults in BitchX. I've reported 4-5 to the
> developers during the last month, but fixes seem to be slow.
>
> > The problem occurs when you try to change your nick during a connection
> > to the server. If you do it before the server registers your nick,
> > BitchX drops with a segfault.
>
> That's a new one for me. I've had several though related to code like this:
> memset(somestring, 0, strlen(somestring)-1)
>
> There are 4-5 occurrences of these if you grep for it in the source, and
> only one of these actually checks for a 0-length string.
>
> Also, the FE builtin scripting function is broken, it will consistently
> SEGV if passed: something "" something
>
> None of the popular BitchX scripts seem to be remotely exploitable because
> of this, although I didn't research too much.
>
> --
> Erik Sperling Johansen
This archive was generated by hypermail 2b30 : Fri Dec 28 2001 - 13:52:16 PST