Closed
Bug 384318
Opened 17 years ago
Closed 17 years ago
Firefox 1.5.0.12 Crashes because of buffer overflow?
Categories
(Firefox :: Security, defect)
Tracking
()
VERIFIED
DUPLICATE
of bug 213391
People
(Reporter: matikkajaska, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.12) Gecko/20070601 Ubuntu/dapper-security Firefox/1.5.0.12 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.12) Gecko/20070601 Ubuntu/dapper-security Firefox/1.5.0.12 My browser: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.12) Gecko/20070601 Ubuntu/dapper-security Firefox/1.5.0.12 The following simple Javascript code in a web page crashes the browser: function crash(color){ alert("Warning: We are crashing your browser. ") for (i=1; i<=9999999999; i=i+1) {document.write(i + "<img src='pics/special.jpg'>");} alert("Congratulations! Your browser did not crash.") document.bgColor="black" } Reproducible: Always Steps to Reproduce: 1. 2. 3. Expected Results: Output: Congratulations! Your browser did not crash.
Comment 1•17 years ago
|
||
That's not a buffer overflow, it's simply out of memory : the code tries to create 10.000 million image-tags ...
OK. One should add in the Firefox's source code a check that it is not possible to allocate too much memory.
Updated•17 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
jaakko: oh, it's that simple. wow. you know. if it were really that simple, we'd have done it already. if you're not using a mozilla.org binary, please complain to your vendor (get them to help you get a stack trace).
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•