Closed Bug 495626 Opened 16 years ago Closed 16 years ago

cpu up to 99%

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Version:
3.0 Branch
Platform:
All
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 469565

People

(Reporter: nightsoul.blackps, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009051909 Firefox/3.0.11 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009051909 Firefox/3.0.11 <html> <body onLoad="document.forms[0].submit()"> <FORM> <KEYGEN NAME="somekey" CHALLENGE="1125983021"> <INPUT TYPE="submit" NAME="SubmitButton" VALUE="Done"> </FORM> </html> Reproducible: Always Steps to Reproduce: 1.Save this as html to your desktop 2.Run it 3.See cpu usage and mozilla will stop working. See http://heapoverflow.com/f0rums/public/15600-mozilla-firefox-3-0-10-keygen-remote-denial-service-exploit.html Actual Results: Try this on your desktop then go to http://secdev.zoller.lu/ff_dos_keygen.html The browser doesn't respond any longer to any user input, tabs are no longer accessible, your work if any might be lost. Restarting the Firefox process and restoring the previous Firefox session will re-spawn the tab and start the loop again. According to a Bugzilla entry memory is also leaked during the process. So let's recap, we have a function that generates key material and looping causes memory to leak. One might think this should be important enough to investigate, especially if you know that for DSA for instance, only a few bits of k can reveal an entire private key. [3] Note: I am not saying the memory leaks include key material, seeing the lack of interest this bugzilla ticket triggered, I have not considered investigating further. What I am saying is that if security is taken seriously memory leaks that directly or indirectly happen during key generation need to be investigated thoroughly.
Version: unspecified → 3.0 Branch
Related to bug 335852?
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
When FF3.5 is open, cpu eventually runs 99%, using over 100,000K of memory. Closing FF does not stop the cpu or memory usage. Closing with Task Manager is the only way to exit FF. Previous versions of FF all ran stable, problem started with 3.5. Closing and restarting does not solve the problem. Removing program and reinstalling clean does not solve anything. Same settings were used from previous version to install FF3.5. Once cpu maxes out, FF ties up entire computer. Bug 469565 may be part of same problem.
This is a duplicate of that bug.
Hardware: x86 → All
You need to log in before you can comment on or make changes to this bug.