[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New Netscape bug (in version 1.12)

To: [email protected]
Subject: Re: New Netscape bug (in version 1.12)
From: Ray Cromwell <[email protected]>
Date: Tue, 3 Oct 1995 22:04:26 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Tom Weinstein" at Oct 3, 95 07:38:38 am
Sender: [email protected]

> In article <[email protected]>, Ray Cromwell <[email protected]> writes:
> 
> > This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> > as soon as the mail window pops op. I'm too tired right now to try to
> > analyze it, but it might be another stack bug, this time, in the X
> > libraries because Netscape isn't doing any sanity checking.
> 
> This is a bug in your X server, not in netscape.  The X server should
> never crash no matter what you send to it.

  That's true, but it is also true that Netscape should also be
performing some sanity checking on input rather than relying on 
the supporting libraries to be secure. Remember, a hole is a hole.
The last sendmail bug was a buffer overflow in syslog, however,
sendmail still got patched to do bounds checking on the strings
it was passing to syslog. 

  It looks like this is only bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But
is it wise for netscape to be sending 10,000 character strings to GUI
functions anyway? 

-Ray

Follow-Ups:
- Re: New Netscape bug (in version 1.12)
  - From: [email protected] (Jeff Weinstein)
- Re: New Netscape bug (in version 1.12)
  - From: [email protected] (Tom Weinstein)

References:
- Re: New Netscape bug (in version 1.12)
  - From: [email protected] (Tom Weinstein)

Prev by Date: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
Next by Date: Re: New Netscape bug (in version 1.12)
Prev by thread: Re: New Netscape bug (in version 1.12)
Next by thread: Re: New Netscape bug (in version 1.12)
Index(es):
- Date
- Thread