|
Title: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on June 25, 2016, 08:51:39 PM https://bitcointalk.org/index.php?topic=1521348.msg15303430#msg15303430
https://i.imgur.com/h6qWCkQ.jpg I don't think that one should be able to embed content above the post's user's profile/above the fold. Here's the code that I just changed to in seeing if you can make heads or tails as to how was accomplished, for I'm at sea. Code: [tr][td][/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][color=red][b]N[/b][/color][/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr] It was changed from: Code: [tr][td]109[/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][center]Q[/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr] EDIT: Found out how it was done prior to posting this thread. The following was omitted: Code: [center] Not sure to what ends/extent, but I'm pretty sure a nefarious hacker could exploit such a glitch. Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Cyrus on June 26, 2016, 12:53:54 AM I've contacted theymos about it.
Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on June 26, 2016, 01:26:00 AM I've contacted theymos about it. Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee? :P :P :P Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Felimon on June 26, 2016, 01:57:56 AM The bug was not displayed on my side. What browser you are using? I'm using chrome.
Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Accountbr on June 26, 2016, 02:36:32 AM I've contacted theymos about it. Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee? :P :P :P Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: ndnh on June 26, 2016, 03:25:46 AM I remember posting about a very similar bug..
Let me check. Edit. https://bitcointalk.org/index.php?topic=1092872.0 Edit2. It is the same thing. Omitting the opening center tag is the cause. theymos had fixed it with an error message, may be a little more to fix now. https://bitcointalk.org/index.php?topic=1092872.msg11656030#msg11656030 Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: theymos on June 26, 2016, 04:02:51 AM I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case.
Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Quickseller on June 26, 2016, 04:12:20 AM Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause).
Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: theymos on June 26, 2016, 04:51:40 AM Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause). That seems very unlikely. Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on June 26, 2016, 06:19:48 AM The bug was not displayed on my side. What browser you are using? I'm using chrome. I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch. I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. :P :P :P Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: ndnh on June 26, 2016, 07:29:34 AM I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case. INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. ;D INVALID BBCODE: bad table usage better Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun. Title: Summary. Appears fixed Post by: ndnh on June 26, 2016, 07:48:56 AM Occurs when a closing tag of an unopened tag appears inside a table.
1. INVALID BBCODE: bad table usage (The table tag can be closed. Has nil effect) Code: [table][tr][td][/b] Code: [table][tr][td][/i] Code: [table][tr][td][/u] Code: [table][tr][td][/b] Code: [table][tr][td][/s] Code: [table][tr][td][/sub] Code: [table][tr][td][/sup] Code: [table][tr][td][/color] 2. INVALID BBCODE: unclosed tags Code: [table][tr][td][/center] Code: [table][tr][td][/left] Code: [table][tr][td][/right] Code: [table][tr][td][/quote] Code: [table][tr][td][/list] Title: Re: Summary. Appears fixed Post by: theymos on June 26, 2016, 02:21:47 PM INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. ;D INVALID BBCODE: bad table usage better Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun. OK, I changed both errors to "close of unopened tag in table". There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools. Title: Re: Summary. Appears fixed Post by: ndnh on June 28, 2016, 01:42:52 PM INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. ;D INVALID BBCODE: bad table usage better Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun. OK, I changed both errors to "close of unopened tag in table". There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools. Cool! I am really good at messing up bbcode and those two are the only issues have had yet (the narrow first column and (one of) the closing tag in table thingy here). I think nothing disruptive can be done with bbcode. We should be safe ;D Quote I don't think that anyone really understands the SMF bbcode parser Totally agree ;D Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Spoetnik on June 30, 2016, 03:35:23 AM The bug was not displayed on my side. What browser you are using? I'm using chrome. I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch. I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. :P :P :P ..we do ;) And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha 35 BTC ? HOLY COW MAN ! ..you reported it so it's all good ;) Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on July 01, 2016, 01:27:42 AM The bug was not displayed on my side. What browser you are using? I'm using chrome. I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch. I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. :P :P :P ..we do ;) And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha 35 BTC ? HOLY COW MAN ! ..you reported it so it's all good ;) I meant 35 XRA. Rumor has that that shit's goin' to da moon. Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on July 01, 2016, 01:32:57 AM The bug was not displayed on my side. What browser you are using? I'm using chrome. I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch. I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. :P :P :P ..we do ;) And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha 35 BTC ? HOLY COW MAN ! ..you reported it so it's all good ;) I meant 35 XRA. Rumor has that that shit's goin' to da moon. Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on October 27, 2016, 11:44:59 PM Since I'm now a certified coder ::), I thought I'd share with my fellow coder buddies a trick I came up after hours of research (or via happenstance) on how to quickly discover where the missing bracket is in a big table after doing several edits causing the INVALID BBCODE error to rear its ugly head.
Simply remove the third to last bracket like below, preview the post by scrolling up, and you'll see exactly where the error lies. Code: [/tr][/table] Tomorrow's lesson will be on how to ingeniously depict three consecutive question marks without generating the Huh smiley --> ???. <fuck me in the ass. I meant that to be a joke, but pondered how to do such, coming up with a solution that I believe might work. gonna try it now> ??? <okay, so that didn't work :'(, but I'm still a fuckin' genius.> FAKE EDIT (prior to posting): Okay, I have another idea on how to do it. Watch this, losers! ?.?.? http://www.sherv.net/cm/emoticons/penguins/happy-feet-penguin-smiley-emoticon.gif Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Foxpup on October 28, 2016, 02:58:16 AM Why would you resort to such an ugly hack??? My way's better.
Title: Re: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) Post by: Gleb Gamow on October 28, 2016, 03:14:53 AM Why would you resort to such an ugly hack??? My way's better. Dude, I've yet to get to the nobbc chapter, thus my other hack ... ??? Title: Re: IMPORTANT! There may be a glitch on this forum Post by: ndnh on October 29, 2016, 07:04:32 AM Why would you resort to such an ugly hack??? My way's better. Dude, I've yet to get to the nobbc chapter, thus my other hack ... ??? 2 more! Why would you resort to such an ugly hack http://www.metalsucks.net/wp-content/uploads/2013/08/questionmarks.jpg Why would you resort to such an ugly hack ??? - :( Title: Re: IMPORTANT! There may be a glitch on this forum Post by: Gleb Gamow on October 29, 2016, 01:51:10 PM Why would you resort to such an ugly hack??? My way's better. Dude, I've yet to get to the nobbc chapter, thus my other hack ... ??? 2 more! Why would you resort to such an ugly hack http://www.metalsucks.net/wp-content/uploads/2013/08/questionmarks.jpg Why would you resort to such an ugly hack ??? - :( Okay, saving the best for last sans images or codes ... ?¿? or if you prefer ¿?¿ Title: Re: IMPORTANT! There may be a glitch on this forum Post by: Foxpup on October 30, 2016, 03:15:52 AM ?¿? ¿?¿Por qué no los dos?¿?or if you prefer ¿?¿ https://media3.giphy.com/media/Nx2Kc8trNHCs8/giphy.gif Title: Re: IMPORTANT! There may be a glitch on this forum Post by: Gleb Gamow on October 30, 2016, 03:40:23 AM ?¿? ¿?¿Por qué no los dos?¿?or if you prefer ¿?¿ https://media3.giphy.com/media/Nx2Kc8trNHCs8/giphy.gif Debido a que un pájaro feo en la mano si un valor de más de un centenar de los bonitos en un arbusto. https://i.imgur.com/NKZlTs2.jpg Title: Re: IMPORTANT! There may be a glitch on this forum Post by: ndnh on October 30, 2016, 10:48:21 AM ?¿? ¿?¿Por qué no los dos?¿?or if you prefer ¿?¿ https://media3.giphy.com/media/Nx2Kc8trNHCs8/giphy.gif Debido a que un pájaro feo en la mano si un valor de más de un centenar de los bonitos en un arbusto. https://i.imgur.com/NKZlTs2.jpg Doesn't that mean using a single question mark properly is better than using a hundred (or three)? |
