IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered)

[Gleb Gamow]

https://bitcointalk.org/index.php?topic=1521348.msg15303430#msg15303430



I don't think that one should be able to embed content above the post's user's profile/above the fold.

Here's the code that I just changed to in seeing if you can make heads or tails as to how was accomplished, for I'm at sea.

Code:

[tr][td][/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][color=red][b]N[/b][/color][/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr]

It was changed from:

Code:

[tr][td]109[/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][center]Q[/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr]

EDIT: Found out how it was done prior to posting this thread. The following was omitted:

Code:

[center]

Not sure to what ends/extent, but I'm pretty sure a nefarious hacker could exploit such a glitch.

[1713516149]

1713516149

[1713516149]

1713516149

[1713516149]

1713516149

[Cyrus]

I've contacted theymos about it.

[Gleb Gamow]

I've contacted theymos about it.

Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee? 

[Felimon]

The bug was not displayed on my side. What browser you are using? I'm using chrome.

[Accountbr]

I've contacted theymos about it.

Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee? 

You can't get a finders fee if you posted in public.

[ndnh]

I remember posting about a very similar bug..

Let me check.

Edit.
https://bitcointalk.org/index.php?topic=1092872.0

Edit2.
It is the same thing. Omitting the opening center tag is the cause. theymos had fixed it with an error message, may be a little more to fix now.
https://bitcointalk.org/index.php?topic=1092872.msg11656030#msg11656030

[theymos]

I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case.

[Quickseller]

Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause).

[theymos]

Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause).

That seems very unlikely.

[Gleb Gamow]

The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod.  

[ndnh]

I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case.

INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening.
INVALID BBCODE: bad table usage better


Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.

[ndnh]

Occurs when a closing tag of an unopened tag appears inside a table.

1. INVALID BBCODE: bad table usage (The table tag can be closed. Has nil effect)

Code:

[table][tr][td][/b]

Code:

[table][tr][td][/i]

Code:

[table][tr][td][/u]

Code:

[table][tr][td][/b]

Code:

[table][tr][td][/s]

Code:

[table][tr][td][/sub]

Code:

[table][tr][td][/sup]

Code:

[table][tr][td][/color]

size, font, glow, image, url..... and everything else.


2. INVALID BBCODE: unclosed tags

Code:

[table][tr][td][/center]

Code:

[table][tr][td][/left]

Code:

[table][tr][td][/right]

Code:

[table][tr][td][/quote]

Code:

[table][tr][td][/list]

[theymos]

INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening.
INVALID BBCODE: bad table usage better

Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.

OK, I changed both errors to "close of unopened tag in table".

There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools.

[ndnh]

INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening.
INVALID BBCODE: bad table usage better

Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.

OK, I changed both errors to "close of unopened tag in table".

There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools.

Cool!

I am really good at messing up bbcode and those two are the only issues have had yet (the narrow first column and (one of) the closing tag in table thingy here). I think nothing disruptive can be done with bbcode. We should be safe

I don't think that anyone really understands the SMF bbcode parser

Totally agree

[Spoetnik]

The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod.

..we do

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good

[Gleb Gamow]

The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod.

..we do

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good

I meant 35 XRA. Rumor has that that shit's goin' to da moon.

[Gleb Gamow]

The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod.

..we do

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good

I meant 35 XRA. Rumor has that that shit's goin' to da moon.

[Gleb Gamow]

Since I'm now a certified coder  , I thought I'd share with my fellow coder buddies a trick I came up after hours of research (or via happenstance) on how to quickly discover where the missing bracket is in a big table after doing several edits causing the INVALID BBCODE error to rear its ugly head.

Simply remove the third to last bracket like below, preview the post by scrolling up, and you'll see exactly where the error lies.

Code:

[/tr][/table]

[/tr[/table]

Tomorrow's lesson will be on how to ingeniously depict three consecutive question marks without generating the Huh smiley --> . <fuck me in the ass. I meant that to be a joke, but pondered how to do such, coming up with a solution that I believe might work. gonna try it now>

?&#63;?

<okay, so that didn't work  , but I'm still a fuckin' genius.>

FAKE EDIT (prior to posting): Okay, I have another idea on how to do it. Watch this, losers!

?.?.?

[Foxpup]

Why would you resort to such an ugly hack??? My way's better.

[Gleb Gamow]

Why would you resort to such an ugly hack??? My way's better.

Dude, I've yet to get to the nobbc chapter, thus my other hack ...

???