Large favicons can cause Firefox to exhaust all available memory

RESOLVED DUPLICATE of bug 623847

Status

()

Core
Graphics
RESOLVED DUPLICATE of bug 623847
6 years ago
6 years ago

People

(Reporter: francois, Unassigned)

Tracking

({csectype-dos})

19 Branch
x86_64
Linux
csectype-dos
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

6 years ago
This looks like a duplicate of bug 623847, but I'm filing it because it was disclosed publicly as a "security vulnerability" at Kiwicon last weekend.

Steps to reproduce:

1. create a 4GB favicon.ico in the root of a local web server
2. browse to http://localhost/ and watch the memory consumption increase

The memory usage grows for a really long time and only stops growing some time after the tab is closed.

During that time, Firefox is still somewhat responsive (though slow).

Tested on Firefox 16.0.2 and Nightly 19.0a1 (2012-11-07).
I see no reason why this is not a dupe of bug 623847
Let the http server send the 4GB favicon as text/html and point the browser to it and you get a much better hang.

I let the security guys decide.....
Component: Untriaged → Security
Moving to gfx.
Component: Security → Graphics
Product: Firefox → Core
This is, AFAICT, no different from any other run-of-the-mill DoS of display a big image or something that creates lots of javascript strings.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 623847
You need to log in before you can comment on or make changes to this bug.