Closed
Bug 584465
Opened 14 years ago
Closed 14 years ago
<iframe> containing large XML file with no closing tags results in possible memory corruption/stack overflow vulnerability
Categories
(Core :: Layout, defect)
Core
Layout
Tracking
()
RESOLVED
DUPLICATE
of bug 485941
People
(Reporter: reed, Unassigned)
Details
(Keywords: testcase, Whiteboard: [sg:dupe 485941])
Attachments
(2 files)
Alex Miller <alexander.miller@sbcglobal.net> reported a possible "memory corruption" issue to security@. From initial review, the issue looks very similar to bug 485941, but I'm going ahead and filing this as a separate issue just in case. =============================================================================== Hi, I am just emailing you to report a memory corruption/stack overflow vulnerability I found in Firefox. Basically just make an Iframe containing a MASSIVE xml file with no closing tags, which causes the browser to crash, and Debuggy to give an exception C00000FD (stack overflow) error. This was tested against Firefox 3.6.8, on Windows 7 Intel Pentium M processor 1 Core. As a workaround, just disable iframes and don't open .xml files... That's all you can really do to prevent this :| As for solving this in programming, in the XML parser, don't accept an XML document that is not properly formatted, then the parser can't freak out. ============================================================================
Reporter | ||
Comment 1•14 years ago
|
||
Comment 2•14 years ago
|
||
Yeah, this is just bug 485941. In particular, not exploitable, not memory corruption... People need to get better about understanding that "stack overflow" != "stack buffer overflow".
Reporter | ||
Updated•14 years ago
|
Group: core-security
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Whiteboard: [sg:dupe 485941]
You need to log in
before you can comment on or make changes to this bug.
Description
•