Created attachment 559361 [details] Fix for the bug Description of problem: In src/xchat-ruby.c functions static_ruby_custom_command_hook(char *word[], char *word_eol[], void *userdata) static_ruby_custom_server_hook(char *word[], char *word_eol[], void *userdata) parameter 'word' used in a for cycle without break [1] for( i = 1; word[i][0] != '\0'; i++ ) The problem is word[PDIWORDS] always set to NULL by xchat. So if the input contains more words than PDIWORDS (32) [2], the NULL pointer will be dereferenced. This bug remote triggerable over IRC networks if one or more ruby plugin uses hook_server(). [1] http://bazaar.launchpad.net/~vcs-imports/xchat/trunk/view/head:/src/common/proto-irc.c#L1150 [2] http://bazaar.launchpad.net/~vcs-imports/xchat/trunk/view/head:/src/common/xchat.h#L76 Fix attached. Version-Release number of selected component (if applicable): 1.2-9.fc15 How reproducible: 100% Steps to Reproduce: 1. Use a simple xchat ruby plugin which uses hook_server() 2. Connect to IRC network with xchat 3. Write a lot of words (more than 32) for yourself in one line Actual results: xchat got SIGSEGV Expected results: xchat keeps running Additional info:
Fixed and built in rawhide: http://koji.fedoraproject.org/koji/taskinfo?taskID=3761672 F16: http://koji.fedoraproject.org/koji/taskinfo?taskID=3761674 F15: http://koji.fedoraproject.org/koji/taskinfo?taskID=3761676
xchat-ruby-1.2-11.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/xchat-ruby-1.2-11.fc16
xchat-ruby-1.2-11.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/xchat-ruby-1.2-11.fc15
Updates submitted -- please try it and give feedback if you can. Thanks!
Package xchat-ruby-1.2-11.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing xchat-ruby-1.2-11.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-1325/xchat-ruby-1.2-11.fc15 then log in and leave karma (feedback).
xchat-ruby-1.2-11.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
xchat-ruby-1.2-11.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.