[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New Netscape bug (in version 1.12)
In article <[email protected]>, Ray Cromwell <[email protected]> writes:
> I just got back from a vacation in Raleigh, and downloaded the
> new "fixed" Netscape 1.12. It took me about an hour, but I've
> discovered another bug and potential security hole. This one relates
> to mailto:.
> The bug is as follows. Create a HTML file with a hyperlink containing
> the following URL
> <a href="mailto:xxxxxx....(10,000 copies of the letter x)"> foo </a>
> This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> as soon as the mail window pops op. I'm too tired right now to try to
> analyze it, but it might be another stack bug, this time, in the X
> libraries because Netscape isn't doing any sanity checking.
This is a bug in your X server, not in netscape. The X server should
never crash no matter what you send to it.
> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.
This doesn't crash my X server (SGI Irix 6.2), so it's probably specific
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything. -- Washington DC motto | [email protected]