Bug: Message kills RocketChat

[Zomono]

Rocket.Chat Version: 0.56.0
Running Instances: 1
DB Replicaset OpLog: disabled
Node Version: 4.8.1

I found a message, which kills the Browser-Instance of RocketChat. If you submit the following message to some channel of your choice, some Javascript of RocketChat stucks in an infinit loop:
Remove the first backslash

\```
without smart tabs

t---function(first, 
t---t---t---.second) {
t---}

with smart tabs

t---function(first, 
t---.........second) {
t---}

After posting this message the corresponding channel is broken for all users, while other channels and chats are still fine. By submitting this message to all channels of a RockatChat-Server one can deny the whole service except for private messages.

[sampaiodiego]

this should have been fixed by #6991

can you please try to update your rocket.chat and test it? you have to try using our develop release.

[mottobug]

Is there an docker image tag that we can use for the development release? We are using docker for our rocketchat deployment.

[sampaiodiego]

yes you can use rocketchat/rocket.chat:develop image.

[mottobug]

We are running now 0.57.0-develop out of the docker image, bug is still present

[mottobug]

In addition we are now getting bugs with smileys below chat messages in the develop release, we are doing a rollback

[mottobug]

...which is not possible, due to the following error:

Exception in callback of async function: Error: [Can't find migration version 94]

:-(

[mottobug]

Seems like every other rocketchat installation is vulnerable.

You can check that in the #general channel on:

https://demo.rocket.chat/

which is now also dead.

[sampaiodiego]

you could remove the migration record on database (it should be safe to re-run the migrations again when you update rocket.chat on the future).

also do you mind opening a new issue about the smile bug?

[sampaiodiego]

I still was unable to reproduce it on the latest develop release. I've sent a message and everything looks fine:

please don't post on demo server because it's not running the latest develop release.

[mottobug]

We are running the develop release from docker hub, version shows as 0.57.0-develop, i'm pasting the content above in a new chat and the browser immediately freezes until a timeout (chrome). This happens with Chrome, Firefox, Safari. The old chat which contains the messages postet with version 0.56.0 are also dead. The only way is to remove the chatroom which results in complete loss of data.

[sampaiodiego]

ok, I'm sorry, you're right.. the bug is still present on our develop docker tag.. looks like for some reason the image was built from a 14 days old code (instead of latest/current code)..

I'll fix the image and ask you to test again soon, ok?

[mottobug]

ok, thanks

[sampaiodiego]

@mottobug the develop docker image has been updated.. I've tested and the bug is definitely fixed..