[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New Netscape bug (in version 1.12)

To: [email protected]
Subject: Re: New Netscape bug (in version 1.12)
From: [email protected] (Tom Weinstein)
Date: Tue, 3 Oct 1995 07:38:38 -0700
In-Reply-To: Ray Cromwell's message of Tue, 3 Oct 1995 08:42:24 GMT
References: <[email protected]>
Reply-To: [email protected]
Sender: [email protected]

In article <[email protected]>, Ray Cromwell <[email protected]> writes:

> C'punks, 
>   I just got back from a vacation in Raleigh, and downloaded the
> new "fixed" Netscape 1.12. It took me about an hour, but I've
> discovered another bug and potential security hole. This one relates
> to mailto:.

>   The bug is as follows. Create a HTML file with a hyperlink containing
> the following URL

> <a href="mailto:xxxxxx....(10,000 copies of the letter x)"> foo </a>

> This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> as soon as the mail window pops op. I'm too tired right now to try to
> analyze it, but it might be another stack bug, this time, in the X
> libraries because Netscape isn't doing any sanity checking.

This is a bug in your X server, not in netscape.  The X server should
never crash no matter what you send to it.

> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.

This doesn't crash my X server (SGI Irix 6.2), so it's probably specific
to XAccel.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  [email protected]

Follow-Ups:
- Re: New Netscape bug (in version 1.12)
  - From: Ray Cromwell <[email protected]>

Prev by Date: Re: Certificate proposal
Next by Date: Re: New Netscape bug (in version 1.12)
Prev by thread: Re: New Netscape bug (in version 1.12)
Next by thread: Re: New Netscape bug (in version 1.12)
Index(es):
- Date
- Thread