Comment 21 for bug 220327

I ran into this error message yesterday when setting up a new Eggdrop bot. I'm posting to this ticket rather than creating a new bug report in case the two issues are related.

My crash happens every time the "md5" TCL function is called. The crash can be reproduced with this simple config file:

 #! /usr/bin/eggdrop
 md5 "crash!"

Removing patch "debian/eggdrop-1.6.19-ssl.patch" (aka "Rootie's SSL patch") fixes the issue for me. The error in the SSL patch is it changes src/tclmisc.c to include OpenSSL's declaration of the MD5_CTX struct, but still uses the bundled versions of MD5_Init/MD5_Update/MD5_Final in src/md5/md5c.c. Because the structs are different size (OpenSSL's is much smaller), the bundled MD5 functions end up smashing the stack.

It may also be possible to fix the issue without sacrificing the SSL patch, by ensuring that src/md5/md5c.c is not built or linked into the executable.

FWIW, the Eggdrop folks recommend against using Rootie's patch: http://www.eggheads.org/news/2011/05/25/39

I confirmed the crash exists on 1.6.19-1.2ubuntu3.1 (12.04 LTS) and 1.6.19-1.2ubuntu7 (13.04)