Closed
Bug 331889
(randomclasses)
Opened 18 years ago
Closed 2 years ago
[meta] Bugs found with "Random Classes" (adding random CSS stylesheets)
Categories
(Core :: Fuzzing, defect)
Core
Fuzzing
Tracking
()
RESOLVED
INACTIVE
People
(Reporter: jruderman, Unassigned)
References
(Depends on 35 open bugs)
Details
(Keywords: meta, sec-other, Whiteboard: [sg:nse] meta)
Attachments
(6 obsolete files)
Random Classes sort of a successor to Random Styles, but it's different enough that it gets its own bug. Big new things: * Test pseudo-elements such as :before, :first-line, ::-moz-column-content, ::-moz-table-row-group. * Test more CSS properties, including direction, letter-spacing, opacity, z-index, and columns. * Test animated GIFs (as backgrounds and generated content). * Bookmarklet source and recorder all in one script. (When the fifth parameter is 0, it makes changes to the document forever; when it is positive, it records that many changes without actually making them.) * The script (including the recorder) now works in Safari too. Several CSS properties and psuedo-elements that cause lots of known crashes (e.g. float) are commented out. As usual, * You can the Brainjar Crunchinator to make it into a bookmarklet. * Lithium (bug 329066) can help reduce crashing / hanging / leaking testcases. * This bug is security-sensitive because I've found several [sg:critical] security holes with the Random Classes code and expect to find more.
Reporter | ||
Updated•18 years ago
|
Alias: randomclasses
Whiteboard: [sg:nse] meta
Reporter | ||
Comment 1•18 years ago
|
||
Reporter | ||
Comment 2•18 years ago
|
||
* Un-comment 'float' and 'clear' properties, now that bug 282173 is fixed. * Add 'white-space' property.
Attachment #216450 -
Attachment is obsolete: true
Reporter | ||
Comment 3•18 years ago
|
||
Attachment #219528 -
Attachment is obsolete: true
Reporter | ||
Comment 4•18 years ago
|
||
I don't think I changed much in Random Classes when I converted it to use fuzz.js (bug 339948).
Reporter | ||
Updated•18 years ago
|
Reporter | ||
Comment 5•18 years ago
|
||
Attachment #224053 -
Attachment is obsolete: true
Reporter | ||
Comment 6•18 years ago
|
||
Random Classes 2.0 * Update for fuzz.js 2.0. * Stop trying to use anonymous box selectors, now that bug 331883 is fixed.
Reporter | ||
Updated•18 years ago
|
Reporter | ||
Comment 7•18 years ago
|
||
Attachment #226749 -
Attachment is obsolete: true
Comment 8•18 years ago
|
||
Shouldn't have security bugs assigned to nobody. Jesse can own his test bugs
Assignee: nobody → jruderman
Reporter | ||
Comment 9•18 years ago
|
||
Adds -moz-float-edge, counter-increment, quotes, and more. -moz-column-* commented out.
Attachment #242971 -
Attachment is obsolete: true
Reporter | ||
Comment 10•17 years ago
|
||
Comment on attachment 252267 [details] Random Classes 3.01 New version in bug 339948.
Attachment #252267 -
Attachment is obsolete: true
Reporter | ||
Updated•17 years ago
|
Depends on: CVE-2008-5501
Reporter | ||
Updated•16 years ago
|
Reporter | ||
Comment 11•9 years ago
|
||
https://github.com/MozillaSecurity/funfuzz/blob/master/dom/fuzzer/modules/style-sheets.js
Group: core-security
Summary: Bugs found with "Random Classes" → Bugs found with "Random Classes" (adding random CSS stylesheets)
Updated•8 years ago
|
Component: Tracking → Platform Fuzzing Team
Updated•2 years ago
|
Summary: Bugs found with "Random Classes" (adding random CSS stylesheets) → [meta] Bugs found with "Random Classes" (adding random CSS stylesheets)
Comment 12•2 years ago
|
||
The bug assignee didn't login in Bugzilla in the last 7 months.
:decoder, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee: jruderman → nobody
Flags: needinfo?(choller)
Updated•2 years ago
|
Status: NEW → RESOLVED
Closed: 2 years ago
Flags: needinfo?(choller)
Resolution: --- → INACTIVE
You need to log in
before you can comment on or make changes to this bug.
Description
•