[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Erbot-discuss] Exploit in user-defined functions
From: |
Michael Olson |
Subject: |
[Erbot-discuss] Exploit in user-defined functions |
Date: |
Wed, 09 Nov 2005 23:42:10 -0500 |
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
One of the users of my bot (who has too much time on his hands,
apparently), has found another exploit.
(defun fs-hbpart
(fs-x)
(erblisp-check-args fs-x)
(sit-for 0)
(fs-hb
(fs-format "part %s" fs-x)))
(defun fs-hb
(fs-x)
(erblisp-check-args fs-x)
(sit-for 0)
(fs-format "^M%s" fs-x))
(where ^M is a literal control-M character)
Input: hbpart "#myChannel"
This was due to erbot's method for splitting lines, which split on
'\n' rather than both newline and form-feed (\r). A fix has been
applied upstream.
--
Michael Olson -- FSF Associate Member #652 -- http://www.mwolson.org/
Interests: anime, Debian, XHTML, wiki, Emacs Lisp
/` |\ | | | IRC: mwolson on freenode.net: #hcoop, #muse, #PurdueLUG
|_] | \| |_| Jabber: mwolson_at_hcoop.net
pgpgffXvCyjbi.pgp
Description: PGP signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Erbot-discuss] Exploit in user-defined functions,
Michael Olson <=