Author

Topic: IMPORTANT! There may be a glitch on this forum (Serious! Accidentally uncovered) (Read 2201 times)

legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
?¿?

or if you prefer

¿?¿
¿?¿Por qué no los dos?¿?



Debido a que un pájaro feo en la mano si un valor de más de un centenar de los bonitos en un arbusto.



 
Doesn't that mean using a single question mark properly is better than using a hundred (or three)?
vip
Activity: 1428
Merit: 1145
?¿?

or if you prefer

¿?¿
¿?¿Por qué no los dos?¿?



Debido a que un pájaro feo en la mano si un valor de más de un centenar de los bonitos en un arbusto.

legendary
Activity: 4542
Merit: 3393
Vile Vixen and Miss Bitcointalk 2021-2023
vip
Activity: 1428
Merit: 1145
Why would you resort to such an ugly hack??? My way's better.

Dude, I've yet to get to the nobbc chapter, thus my other hack ...

???


2 more!

Why would you resort to such an ugly hack

Why would you resort to such an ugly hack  Huh -  Sad

Okay, saving the best for last sans images or codes ...

?¿?

or if you prefer

¿?¿
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
Why would you resort to such an ugly hack??? My way's better.

Dude, I've yet to get to the nobbc chapter, thus my other hack ...

???


2 more!

Why would you resort to such an ugly hack

Why would you resort to such an ugly hack  Huh -  Sad
vip
Activity: 1428
Merit: 1145
Why would you resort to such an ugly hack??? My way's better.

Dude, I've yet to get to the nobbc chapter, thus my other hack ...

???
legendary
Activity: 4542
Merit: 3393
Vile Vixen and Miss Bitcointalk 2021-2023
Why would you resort to such an ugly hack??? My way's better.
vip
Activity: 1428
Merit: 1145
Since I'm now a certified coder  Roll Eyes, I thought I'd share with my fellow coder buddies a trick I came up after hours of research (or via happenstance) on how to quickly discover where the missing bracket is in a big table after doing several edits causing the INVALID BBCODE error to rear its ugly head.

Simply remove the third to last bracket like below, preview the post by scrolling up, and you'll see exactly where the error lies.

Code:
[/tr][/table]

[/tr[/table]

Tomorrow's lesson will be on how to ingeniously depict three consecutive question marks without generating the Huh smiley --> Huh.

???

, but I'm still a fuckin' genius.>

FAKE EDIT (prior to posting): Okay, I have another idea on how to do it. Watch this, losers!

?.?.?

vip
Activity: 1428
Merit: 1145
The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. Tongue Tongue Tongue

..we do Wink

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good Wink

I meant 35 XRA. Rumor has that that shit's goin' to da moon.
vip
Activity: 1428
Merit: 1145
The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. Tongue Tongue Tongue

..we do Wink

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good Wink

I meant 35 XRA. Rumor has that that shit's goin' to da moon.
legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod. Tongue Tongue Tongue

..we do Wink

And wow look at you Bruno you just a regular ole hacker / bug finder hard at work like a busy bee finding them bugs like a trooper looking for that "finders fee" ahahahhaha
35 BTC ?
HOLY COW MAN !

..you reported it so it's all good Wink
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. Grin
INVALID BBCODE: bad table usage better

Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.

OK, I changed both errors to "close of unopened tag in table".

There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools.

Cool!

I am really good at messing up bbcode and those two are the only issues have had yet (the narrow first column and (one of) the closing tag in table thingy here). I think nothing disruptive can be done with bbcode. We should be safe Grin


Quote
I don't think that anyone really understands the SMF bbcode parser

Totally agree Grin
administrator
Activity: 5222
Merit: 13032
INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. Grin
INVALID BBCODE: bad table usage better

Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.

OK, I changed both errors to "close of unopened tag in table".

There are a variety of ways to produce invalid HTML, but usually it's not a huge problem because the effects are confined to within your own post. It's possible that there are additional undiscovered ways to do especially disruptive things. In this case, the old code path was for inline tags and the new code path which I missed last time was for block tags. (They're in very different places in the code, and not obviously related.) I don't think that anyone really understands the SMF bbcode parser: it looks like someone quickly coded up some mainly regex-based parser that sort of worked, and then people have been constantly tweaking it to fix its bugs for 10+ years. It's terrible. I've long been thinking that I should write a proper parser in C using the traditional lex+yacc tools.
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
Occurs when a closing tag of an unopened tag appears inside a table.

1. INVALID BBCODE: bad table usage (The table tag can be closed. Has nil effect)
Code:
[table][tr][td][/b]
Code:
[table][tr][td][/i]
Code:
[table][tr][td][/u]
Code:
[table][tr][td][/b]
Code:
[table][tr][td][/s]
Code:
[table][tr][td][/sub]
Code:
[table][tr][td][/sup]
Code:
[table][tr][td][/color]
size, font, glow, image, url..... and everything else.


2. INVALID BBCODE: unclosed tags
Code:
[table][tr][td][/center]
Code:
[table][tr][td][/left]
Code:
[table][tr][td][/right]
Code:
[table][tr][td][/quote]
Code:
[table][tr][td][/list]
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case.


INVALID BBCODE: unclosed tags sounds a little misleading since it happens when the center tag is closed without opening. Grin
INVALID BBCODE: bad table usage better


Is it possible that there can be more cases like this since this is the second time this thing comes up? I will also try to reproduce it, just for the fun.
vip
Activity: 1428
Merit: 1145
The bug was not displayed on my side. What browser you are using? I'm using chrome.

I first noticed it in Chrome, but the screenshot was of it via IE, thinking at first that it may have been a browser glitch.

I see that theymos resolved the issue, but I'm gonna see if I can recreate it, so if BCT goes down in the next few minutes, blame Vod.  Tongue Tongue Tongue
administrator
Activity: 5222
Merit: 13032
Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause).

That seems very unlikely.
copper member
Activity: 2996
Merit: 2374
Do you think this might have something to do with the issue with tables that Dogie was having earlier today? (Maybe both issues have the same root cause).
administrator
Activity: 5222
Merit: 13032
I think that this is no security risk whatsoever, but just to be safe I made the bbcode parser return an error in this case.
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
I remember posting about a very similar bug..

Let me check.

Edit.
https://bitcointalksearch.org/topic/bitcointalk-bbcode-new-feature-the-hobbit-header-1092872

Edit2.
It is the same thing. Omitting the opening center tag is the cause. theymos had fixed it with an error message, may be a little more to fix now.
https://bitcointalksearch.org/topic/m.11656030
member
Activity: 70
Merit: 10
I've contacted theymos about it.

Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee?  Tongue Tongue Tongue
You can't get a finders fee if you posted in public.
full member
Activity: 238
Merit: 100
The bug was not displayed on my side. What browser you are using? I'm using chrome.
vip
Activity: 1428
Merit: 1145
I've contacted theymos about it.

Hey, I forgot something. Do I send you or theymos my bitcoin wallet address for my 35 BTC finders fee?  Tongue Tongue Tongue
administrator
Activity: 3962
Merit: 3184
I've contacted theymos about it.
vip
Activity: 1428
Merit: 1145
https://bitcointalksearch.org/topic/m.15303430



I don't think that one should be able to embed content above the post's user's profile/above the fold.

Here's the code that I just changed to in seeing if you can make heads or tails as to how was accomplished, for I'm at sea.

Code:
[tr][td][/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][color=red][b]N[/b][/color][/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr]

It was changed from:

Code:
[tr][td]109[/td] [td][url=https://bitcointalk.org/index.php?action=profile;u=537536][b]xavier77[/b][/url][/td] [td](F)[/td] [td][center]Q[/center][/td] [td][url=https://bitcointalk.org/index.php?topic=1521348.msg15330030#msg15330030]June 23 03:28:12 AM[/url][/td] [td]218[/td][/tr]

EDIT: Found out how it was done prior to posting this thread. The following was omitted:

Code:
[center]

Not sure to what ends/extent, but I'm pretty sure a nefarious hacker could exploit such a glitch.
Jump to: