rTorrent can be crashed by sending invalid logic through XMLRPC interface. Issuing a d.multicall with an f. parameter causes rTorrent to crash unconditionally. XMLRPC commands should never cause a crash. They should be handled gracefully and an error returned to the connecting client.
using python xmlrpc.client library
import xmlrpc.client
server = xmlrpc.client.ServerProxy("http://127.0.0.1/rutorrent/plugins/rpc/rpc.php")
server.d.multicall("", "d.hash=", "d.is_multi_file=", "f.get_path=")
results in rTorrent crashing with
terminate called after throwing an instance of 'std::logic_error'
what(): basic_string::_M_construct null not valid
Aborted
It turns out you could do the same crash with just rtxmlrpc f.path <hash>, looks like the target type check for files isn't actually using the template like the other targets.
rTorrent can be crashed by sending invalid logic through XMLRPC interface. Issuing a d.multicall with an f. parameter causes rTorrent to crash unconditionally. XMLRPC commands should never cause a crash. They should be handled gracefully and an error returned to the connecting client. using python xmlrpc.client library
results in rTorrent crashing with