An anonymous tipster sent in this bug that Mozilla fixed in Firefox 1.5.0.7 but it is supposed to crash your browser. It is interesting because the bug is still working and will crash your browser. I was intrigued so, like most of you probably will, I popped open the demonstration site (OPENING THAT SITE WILL MAKE YOUR BROWSER CRASH) in Firefox 2 and my browser crashed! The site, which is in the screenshot to the right, says to wait approximately 20 seconds but it took less than 5 for my browser to crash.
| Update: |
As Dave pointed out below you will need to have JavaScript enabled in order for this to affect you.
|
I haven’t tried it in Firefox 1.5.0.7 but the result should still be the same since the bug also says that it is fixed in Firefox 2. The Security Advisory page for this bug says “We have seen no demonstration that these crashes could be reliably exploited, but they do show evidence of memory corruption so we presume they could be.“
So how many of you will be sending the demonstration link to your friends to see how many times they will try and open it before they give up?
javascript required
so once again, the noscript extension comes in handy
That link even pretty much crashed IE7. after it loads it wont respond. ctrl alt delete saves the day again!
Thanks Dave…I forgot to mention that but I added it to the post.
I tried it in IE7 and even though it did run a little sluggish I was still able to close the tab and have it return to normal without restarting the browser.
Wrong bug.
The bug causing the crash you see here is at:
[bugzilla.mozilla.org]
It is still in a new state with no clear path of how to fix it. As I read this, it isn’t the claimed security hole that the Security Advisory page talks about.
This doesn’t cause any memory corruption, just a stack overflow and the application immediately aborts.
from the comments on the bug:
——- Comment #13 From Robert O’Callahan (Novell) 2006-09-11 21:26 PDT [reply] ——-
There is no way to fix this without breaking very deeply nested pages …
except by rewriting Gecko to avoid the use of recursion. That would take a
while.
——- Comment #14 From Robert O’Callahan (Novell) 2006-09-11 21:27 PDT [reply] ——-
I think limiting the depth allowed by the XML parser, just like the HTML parser
does, would be a good start.
Crashes MSIE 6 for me.
Crashed IE7 as well.
Firefox 3.0 alpha (20061011) – crashed in 1 second.
IE 7.0 Final Release – freezes for 5 minutes (eating 50% CPU, and RAM 135MB/5min), then I killed IE7 process.
Opera 9.02 – resisted successfully (with about 30 seconds “wait” mouse pointer).
I’m sure that Mozilla team will fix this VERY soon, and what about Microsoft team? We will have to wait 1 year until IE7 SP1, or 5 years until IE8 ?
I’ve got noscript as well, so to test the site I reluctantly temporarily enabled javascript and yup, crashed as advertised. This really surprises me, and I bet it’ll be fixed soon! Kinda sad, though, that this brand new release already needs patching.
Fx2
Hmmm, I don’t really know why, but surprisingly it didn’t crash my firefox v1.0.7 under Fedora Core 3!
There is NO software which doesn’t need patching in the whole world. Every software needs to be patched sooner or later. This is absolutely normal. All humans’ creations are buggy
Still works with Firefox 2.0.1.
I had completely forgotten about this, but the original bug has been fixed as the website says. My Firefox 2.0.0.1 didn’t crash on the first one that it mentions but the other one that it says hasn’t been fixed.