New issue
Advanced search Search tips

Issue 699409 link

Starred by 1 user

Issue metadata

Status: Duplicate
Owner: ----
Closed: Mar 2017
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security



Sign in to add a comment

Crashes using deeply nested XHTML <x>

Reported by mishra.d...@gmail.com, Mar 8 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0

Steps to reproduce the problem:
Crash ID : 
Crash ID 261461e6-ea8c-44c1-a15b-fb27ce7c012c (Server ID: f87b446480000000)

What is the expected behavior?

What went wrong?
Using numbers of <x> in XHTML leads to crash, Attaching the testcase for reference. 

Did this work before? N/A 

Chrome version: 59.0.3033.0 (Official Build) canary (64-bit)  Channel: canary
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 24.0 r0

 
crash.xml
87.9 KB View Download
Mergedinto: 688010
Status: Duplicate (was: Unconfirmed)
Summary: Crashes using deeply nested XHTML <x> (was: Crashes using XHTML <x>)
This is a stack overflow which is not believed to be exploitable beyond a denial-of-service in the immediate tab rendering the XML. As such, it's not considered a security bug.
Project Member

Comment 2 by sheriffbot@chromium.org, Jun 15 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment