Closed
Bug 939453
Opened 11 years ago
Closed 8 years ago
crashing when opening crafted JS webpage
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 537620
People
(Reporter: to_copulate, Unassigned)
References
()
Details
(Whiteboard: DUPEME)
Crash Data
Attachments
(1 file)
297 bytes,
text/html
|
Details |
User Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.2) Steps to reproduce: Simply open the attached html page and it crashes the browser. Actual results: Crashes the browser. This is denial of service attack. This happens in all the version of browser way from version 22 to 25.0.1 tested in the windows 7 PC fully patched(14/11/2013) Expected results: Should load the page with the text which is mentioned in the write.document
Crash Signature: AdapterDeviceID: 0x0126
AdapterVendorID: 0x8086
Add-ons: translator%40zoli.bod:2.1.0.3,%7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.16,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.5,%7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.43,%7B972ce4c6-7e08-…
It appears this is OOMing the browser but not security sensitive
Group: core-security
Severity: major → normal
Priority: P2 → --
Check the protocol
tracking-e10s:
--- → ?
tracking-firefox35:
--- → ?
Updated•9 years ago
|
Comment 3•8 years ago
|
||
When I have opened the attached HTML page in Firefox latest release(43.0.4) and the latest Nightly(46.0a1), a notification is displayed that a page is slowing down the browser with 2 buttons "Stop it" and "Wait". I have clicked the "Stop it" button but the whole system freezes, no crash report. Only a system restart will solve the freezing issue. User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 Build ID: 20160105164030 User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0 Build ID: 20160111030207 This issue is also reproducible on Windows 8.1. Regarding this, I will change the Status to NEW and adding the component DOM: Core & HTML. If anyone considers that the component is not the right one, please change it to a more appropriate one.
Status: UNCONFIRMED → NEW
Component: Untriaged → DOM: Core & HTML
Ever confirmed: true
OS: Windows 7 → Windows
Product: Firefox → Core
Version: 25 Branch → Trunk
Comment 4•8 years ago
|
||
This is a duplicate: it's just doubling the size of the DOM a bunch of times (300000 of them, not like you can get that far). Please find the original and mark this duplicate.
Whiteboard: DUPEME
Comment 5•8 years ago
|
||
Hi, I made some digging in bugzilla and have not managed to find any duplicates for this issue. Maybe I haven't been searching the right thing. Can you provide a link with the main issue so I can update this one as duplicate ? Thank you, Vlad
Flags: needinfo?(bzbarsky)
Comment 6•8 years ago
|
||
I suggest searching for bugs with "document.write" in the comments and "oom" in the summary, for a start.
Flags: needinfo?(bzbarsky)
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•