MultiTerm query segfault - remote denial of service

Hi ferreteers,

I came across a segfault in the query parser. It had already been
reported[1] and fixed[2], but it can lead to a denial of service.

If you use Ferret anywhere that you allow users to execute queries,
those users can crash your Ruby process with a specially crafted
query.

I’m sure you’re all using Monit or something for your Rails or drb
processes, so they’ll get restarted, but it’s still not good.

This was quite serious for a number of my sites (not to mention slowing
development of a current app) so I applied the fix to the released
0.11.4 source and repackaged it as 0.11.4.1.

Obviously this isn’t in any way official, but it works for me and I’m
sharing here for anyone else affected. Gem, tgz and zip here:

http://johnleach.co.uk/downloads/ruby/ferret/ferret-0.11.4.1/

and just the patch (derived from Dave’s changeset to trunk) here:

http://johnleach.co.uk/downloads/ruby/ferret/ferret-0.11.4-fix-multiterm-segfault.patch

The patch is against the release source, as the subversion repository
seems to be down atm.

John.

[1] http://ferret.davebalmain.com/trac/ticket/208
[2] http://ferret.davebalmain.com/trac/changeset/773


high-profile mailing list advertising space exploitation:
http://www.brightbox.co.uk - UK Rails Xen Hosting

cool… thank you :slight_smile: