Closed Bug 1644476 Opened 4 years ago Closed 4 years ago

DOS through spamming websockets

Categories

(Core :: Networking: WebSockets, defect)

Product:
Core
Component:
Networking: WebSockets
Version:
77 Branch
Platform:
Desktop
Windows 10
Type:
defect

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: u635660, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

webchocket.html
857 bytes, text/html
Details
and then it fully crashes
80.89 KB, image/png
Details
Attached file webchocket.html

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Steps to reproduce:

i opened webchocket.html

and clicked web socket test

and then firefox becomes unresponsive

Actual results:

firefox became unresposive

Expected results:

it should not become unusable

Are you able to reproduce this issue

Flags: needinfo?(ehumphries)
Flags: needinfo?(ehumphries)
Component: Untriaged → Security
OS: Unspecified → Windows 10
Hardware: Unspecified → Desktop
Severity: -- → S2
Priority: -- → P3
Severity: S2 → --
Priority: P3 → --
Component: Security → DOM: Networking
Product: Firefox → Core
Component: DOM: Networking → Networking: WebSockets

Maybe there's a dupe for this?

Keywords: dupeme
Summary: dos bug makes Firefox unresponsive → DOS through spamming websockets

(In reply to planetman1125 from comment #0)

and then firefox becomes unresponsive

When I test it Firefox is responsive. It's possible to switch to another tab and browse web. The tab with the testing page is blocked and it takes a lot of time before it's navigated to websocketstest.com. This is because all the created websockets need to be closed and released. It definitely doesn't crash on my computer. Could you send me the ID of the crash from comment #1?

Flags: needinfo?(planetman1125)

That’s very interesting I can’t find the crash data there is another way we can get it to be unresponsive can you try these steps:
Set Firefox to use a proxy for all connections.
Load the page.
Try to load another page that uses WebSockets in another tab. eg. Web Sockets Test.
Eventually the other page will be able to connect; but any new pages still won't be able to.

As it should work can you try these steps instead

Flags: needinfo?(planetman1125)

(In reply to planetman1125 from comment #5)

That’s very interesting I can’t find the crash data there is another way we can get it to be unresponsive can you try these steps:
Set Firefox to use a proxy for all connections.
Load the page.
Try to load another page that uses WebSockets in another tab. eg. Web Sockets Test.
Eventually the other page will be able to connect; but any new pages still won't be able to.

As it should work can you try these steps instead

What do you mean by "unresponsive"? Normally this means that UI doesn't react to any input. I cannot reproduce it. If you mean that other tabs cannot create websocket, that's expected because there is a limit for total number of opened websockets: https://searchfox.org/mozilla-central/rev/25d491b7924493b5d4bedc07841a1cd92f271100/netwerk/protocol/websocket/WebSocketChannel.cpp#3307

Regarding the crash, you should be able to see it at about:crashes.

Flags: needinfo?(planetman1125)

it seems i am no longer to reproduce it anymore i am closing this as invalid

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Flags: needinfo?(planetman1125)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: