Closed Bug 813864 Opened 12 years ago Closed 12 years ago

Large favicons can cause Firefox to exhaust all available memory

Categories

(Core :: Graphics, defect)

Product:
Core
Component:
Graphics
Version:
19 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 623847

People

(Reporter: francois, Unassigned)

Details

(Keywords: csectype-dos) 

This looks like a duplicate of bug 623847, but I'm filing it because it was disclosed publicly as a "security vulnerability" at Kiwicon last weekend.

Steps to reproduce:

1. create a 4GB favicon.ico in the root of a local web server
2. browse to http://localhost/ and watch the memory consumption increase

The memory usage grows for a really long time and only stops growing some time after the tab is closed.

During that time, Firefox is still somewhat responsive (though slow).

Tested on Firefox 16.0.2 and Nightly 19.0a1 (2012-11-07).
I see no reason why this is not a dupe of bug 623847
Let the http server send the 4GB favicon as text/html and point the browser to it and you get a much better hang.

I let the security guys decide.....
Component: Untriaged → Security
Moving to gfx.
Component: Security → Graphics
Product: Firefox → Core
This is, AFAICT, no different from any other run-of-the-mill DoS of display a big image or something that creates lots of javascript strings.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.