Closed Bug 441631 Opened 16 years ago Closed 16 years ago

The program fails to submit the JavaScript method "appendData" in an infinite loop.

Categories

(Firefox :: General, defect)

x86
Windows XP
defect
Not set
normal

RESOLVED DUPLICATE of bug 430574

People

(Reporter: jplopezy, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9) Gecko/2008052906 Firefox/1.5.0.xx Alexa Toolbar;MEGAUPLOAD 1.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9) Gecko/2008052906 Firefox/1.5.0.xx Alexa Toolbar;MEGAUPLOAD 1.0

If a poorly formed HTML file is created that uses the JavaScript method "appendData" with a big argument of letters (example: "A") and is subjected to an infinite loop, this leads to a denial of service by making the client break.

This variable returns as a result 3 

1 - Windows error message to debug the client
2 - An error poster from the C++ compiler
3 - Firefox failure reporting


Finally, it should be noted that it only breaks the program, and this opens the door to execution of arbitrary code.

Reproducible: Always

Steps to Reproduce:
1. Create poorly formed HTML with the method followed by a large argument and run it in an infinite loop.
2. Wait a few moments until it breaks Firefox.

Actual Results:
The browser breaks and stops working, so it needs to be run again.


Details on the error message when crashes are as follows:

AppName: firefox.exe	 AppVer: 1.9.0.3071	 ModName: kernel32.dll
ModVer: 5.1.2600.3119	 Offset: 00012a5b

An analysis with a debugger answered this:

Access violation when writing [00140000]
This flaw causes only a denial of service on the client. It applies only to version 3.0 of Firefox and does not affect 2.0.

It was tested on Windows XP; it surely works in the versions for Linux and Mac as well, but that was not checked.

Greetings

Juan Pablo Lopez Yacubian
Duplicate of bug 430574?
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Group: security