Open Bug 331889 (randomclasses) Opened 14 years ago Updated 2 years ago

Bugs found with "Random Classes" (adding random CSS stylesheets)

Categories

(Core :: Platform Fuzzing Team, defect)

defect
Not set

Tracking

()

People

(Reporter: jruderman, Assigned: jruderman)

References

(Depends on 43 open bugs, Blocks 1 open bug)

Details

(Keywords: meta, sec-other, Whiteboard: [sg:nse] meta)

Attachments

(6 obsolete files)

Random Classes sort of a successor to Random Styles, but it's different enough that it gets its own bug.

Big new things:

* Test pseudo-elements such as :before, :first-line, ::-moz-column-content, ::-moz-table-row-group.

* Test more CSS properties, including direction, letter-spacing, opacity, z-index, and columns.

* Test animated GIFs (as backgrounds and generated content).

* Bookmarklet source and recorder all in one script.  (When the fifth parameter is 0, it makes changes to the document forever; when it is positive, it records that many changes without actually making them.)

* The script (including the recorder) now works in Safari too.

Several CSS properties and psuedo-elements that cause lots of known crashes (e.g. float) are commented out.

As usual, 
* You can the Brainjar Crunchinator to make it into a bookmarklet.
* Lithium (bug 329066) can help reduce crashing / hanging / leaking testcases.
* This bug is security-sensitive because I've found several [sg:critical] security holes with the Random Classes code and expect to find more.
Alias: randomclasses
Whiteboard: [sg:nse] meta
Attached file Random Classes 1.0 (obsolete) —
Depends on: 334105
Depends on: 334107
Depends on: 334132
Depends on: 334147
Depends on: 334148
Depends on: 323497
Depends on: 335140
Attached file Random Classes 1.1 (obsolete) —
* Un-comment 'float' and 'clear' properties, now that bug 282173 is fixed.
* Add 'white-space' property.
Attachment #216450 - Attachment is obsolete: true
Depends on: 339651
Attached file Random Classes 1.2 (requires fuzz.js) (obsolete) —
Attachment #219528 - Attachment is obsolete: true
I don't think I changed much in Random Classes when I converted it to use fuzz.js (bug 339948).
Depends on: 340093
Attached file Random Classes 2.0 (obsolete) —
Attachment #224053 - Attachment is obsolete: true
Random Classes 2.0

* Update for fuzz.js 2.0.
* Stop trying to use anonymous box selectors, now that bug 331883 is fixed.
Depends on: 342929
Depends on: 343206
Depends on: 345139
Depends on: 348977
Depends on: 348982
Depends on: 349095
Depends on: 355986
Depends on: 355989
Depends on: 355993
Attached file Random Classes 3.0 (obsolete) —
Attachment #226749 - Attachment is obsolete: true
Depends on: 360339
Shouldn't have security bugs assigned to nobody. Jesse can own his test bugs
Assignee: nobody → jruderman
Depends on: 366967
Depends on: 367015
Depends on: 367243
Depends on: 367246
Depends on: 367489
Depends on: 367504
Depends on: 367587
Depends on: 367650
Depends on: 367673
Attached file Random Classes 3.01 (obsolete) —
Adds -moz-float-edge, counter-increment, quotes, and more.  -moz-column-* commented out.
Attachment #242971 - Attachment is obsolete: true
Depends on: 368451
Depends on: 369971
Comment on attachment 252267 [details]
Random Classes 3.01

New version in bug 339948.
Attachment #252267 - Attachment is obsolete: true
Depends on: 372237
Depends on: 376137
Depends on: 378413
Depends on: 379799
Depends on: 380012
Depends on: 380101
Depends on: 380116
Depends on: 380217
Depends on: 383129
Depends on: 383872
Depends on: 383887
Depends on: 384491
Depends on: 384499
Depends on: 384649
Depends on: 385132
Depends on: 385226
Depends on: 385295
Depends on: 385445
Depends on: 385866
Depends on: 385880
Depends on: 386010
Depends on: 386266
Depends on: 386475
Depends on: 386799
Depends on: 386812
Depends on: 386827
Depends on: 387195
Depends on: 387201
Depends on: 387217
Depends on: 387219
Depends on: 387358
Depends on: 387754
Depends on: 388367
Depends on: 388374
Depends on: 388709
Depends on: 388715
Depends on: 389014
Depends on: 389630
Depends on: 390762
Depends on: 390976
Depends on: 391053
Depends on: 391894
Depends on: 391901
Depends on: 393325
Depends on: 393517
Depends on: 393661
Depends on: 393758
Depends on: 393923
Depends on: 395316
Depends on: 395450
Depends on: 395469
Depends on: CVE-2008-5501
Depends on: 397022
Depends on: 397187
Depends on: 397293
Depends on: 397304
Depends on: 397448
Depends on: 397844
Depends on: 398042
Depends on: 398510
Depends on: 398803
Depends on: 399132
Depends on: 399209
Depends on: 399219
Depends on: 399692
Depends on: 399712
Depends on: 399843
Depends on: 400078
Depends on: 400789
Depends on: 401589
Depends on: 402307
Depends on: 402380
Depends on: 402384
Depends on: 403129
Depends on: 403134
Depends on: 403175
Depends on: 403177
Depends on: 403245
Depends on: 403569
Depends on: 403997
Depends on: 404123
Depends on: 404219
Depends on: 404301
Depends on: 405187
Depends on: 405271
Depends on: 408450
Depends on: 408493
Depends on: 409461
Depends on: 410232
Depends on: 410233
Depends on: 411319
Depends on: 411582
Depends on: 412479
Depends on: 412543
Depends on: 412651
Depends on: 413016
Depends on: 413028
Depends on: 413185
Depends on: 413292
Depends on: 413388
Depends on: 413582
Depends on: 413587
Depends on: 414061
Depends on: 414175
Depends on: 418532
Depends on: 420031
Depends on: 420654
Depends on: 421203
Depends on: 422015
Depends on: 422283
Depends on: 424679
Depends on: 425981
Depends on: 429805
Depends on: 429865
Depends on: 429968
Depends on: 429969
Depends on: 430344
Depends on: 430356
Depends on: 430991
Depends on: 431072
Depends on: 435529
Depends on: 436470
Depends on: 436822
Depends on: 436982
Depends on: 436996
Depends on: 438259
Depends on: 444726
Depends on: 444861
Depends on: 444967
Depends on: 448083
Depends on: 448488
Depends on: 448615
Depends on: 448988
Depends on: 448996
Depends on: 450311
Depends on: 451317
Depends on: 453935
Depends on: 454751
Depends on: 455623
Depends on: 455976
Depends on: 457362
Depends on: 457380
Depends on: 458453
Depends on: 458653
Depends on: 458659
Depends on: 459666
Depends on: 459883
Depends on: 460349
Depends on: 460389
Depends on: 460910
Depends on: 460924
Depends on: 461239
Depends on: 461907
Depends on: 462392
Depends on: 462788
Depends on: 463350
Depends on: 463763
Depends on: 464374
Depends on: 466756
Depends on: 467137
Depends on: 467141
Depends on: 468546
Depends on: 468555
Depends on: 468557
Depends on: 469859
Depends on: 469861
Depends on: 470167
Depends on: 471360
Depends on: 472227
Depends on: 472617
Depends on: 472774
Depends on: 472919
Depends on: 472950
Depends on: 473481
Depends on: 475136
Depends on: 475193
Depends on: 475302
Depends on: 476241
Depends on: 476245
Depends on: 477333
Depends on: 477569
Depends on: 477731
Depends on: 477935
Depends on: 478131
Depends on: 478185
Depends on: 478527
Depends on: 479938
Depends on: 482375
Depends on: 482398
Depends on: 486428
Depends on: 488325
Depends on: 489462
Depends on: 489691
No longer depends on: 489691
Depends on: 489691
Depends on: 490747
Depends on: 492163
Depends on: 493123
Depends on: 493402
Depends on: 493910
Depends on: 495892
Depends on: 496062
Depends on: 498698
Depends on: 499848
Depends on: 499857
Depends on: 500532
Depends on: 505111
Depends on: 508919
Depends on: 509155
Depends on: 509749
Depends on: 512851
Depends on: 513110
Depends on: 513397
Depends on: 513732
Depends on: 514784
Depends on: 521380
Depends on: 522170
Depends on: 522516
Depends on: 534366
Depends on: 534367
Depends on: 535911
Depends on: 536242
Depends on: 536721
Depends on: 537059
Depends on: 547338
Depends on: 550306
Depends on: 558943
Depends on: 563838
Depends on: 566168
Depends on: 571758
Depends on: 573909
Depends on: 584590
Depends on: 588158
Depends on: 588237
Depends on: 610482
Depends on: 616250
Depends on: 628358
Depends on: 643853
Depends on: 664927
Depends on: 668941
Depends on: 670226
Depends on: 693496
Depends on: 693523
Depends on: 698335
Depends on: 699360
Depends on: 717514
Depends on: 770381
Depends on: 790873
Depends on: 796115
Depends on: 812824
Depends on: 812929
Depends on: 822766
Depends on: 822906
Depends on: 822910
Depends on: 824297
Depends on: 826483
Depends on: 826532
Depends on: 826978
Depends on: 827219
Depends on: 827239
Depends on: 827687
Depends on: 839927
Depends on: 840818
Depends on: 841174
Depends on: 842309
Depends on: 844628
Depends on: 847208
Depends on: 847209
Depends on: 852293
Depends on: 852397
Depends on: 861118
Depends on: 861489
Depends on: 862947
Depends on: 864972
Depends on: 866588
Depends on: 873172
Depends on: 876074
Depends on: 879139
Depends on: 884212
Depends on: 898926
Depends on: 914012
Depends on: 914919
Depends on: 918994
Depends on: 926717
Depends on: 944195
Depends on: 948181
Depends on: 949889
Depends on: 973701
Depends on: 979468
Depends on: 1001233
Depends on: 1022792
Depends on: 1028511
Depends on: 1043156
Depends on: 1071823
Depends on: 1072130
Depends on: 1133615
Depends on: 1153693
Depends on: 1157119
Depends on: 1157918
Depends on: 1161320
Depends on: 1169423
Blocks: 1172704
No longer blocks: fuzz
Depends on: 1187213
https://github.com/MozillaSecurity/funfuzz/blob/master/dom/fuzzer/modules/style-sheets.js
Group: core-security
Summary: Bugs found with "Random Classes" → Bugs found with "Random Classes" (adding random CSS stylesheets)
Depends on: 1222892
Depends on: 1223694
Depends on: 1227498
Depends on: 1227501
Depends on: 1235489
Depends on: 1267079
Depends on: 1278463
Component: Tracking → Platform Fuzzing Team
You need to log in before you can comment on or make changes to this bug.