Issue 699409 link

Starred by 1 user

Issue metadata

Status:	Duplicate
Owner:	----
Closed:	Mar 2017
EstimatedDays:	----
NextAction:	----
OS:	Windows
Pri:	2
Type:	Bug-Security
Arch-x86_64 allpublic Via-Wizard-Security

Crashes using deeply nested XHTML <x>

Reported by mishra.d...@gmail.com, Mar 8 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0

Steps to reproduce the problem:
Crash ID : 
Crash ID 261461e6-ea8c-44c1-a15b-fb27ce7c012c (Server ID: f87b446480000000)

What is the expected behavior?

What went wrong?
Using numbers of <x> in XHTML leads to crash, Attaching the testcase for reference. 

Did this work before? N/A 

Chrome version: 59.0.3033.0 (Official Build) canary (64-bit)  Channel: canary
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 24.0 r0

crash.xml
87.9 KB View Download

Comment 1 by elawrence@chromium.org, Mar 8 2017

Mergedinto: 688010
Status: Duplicate (was: Unconfirmed)
Summary: Crashes using deeply nested XHTML <x> (was: Crashes using XHTML <x>)

This is a stack overflow which is not believed to be exploitable beyond a denial-of-service in the immediate tab rendering the XML. As such, it's not considered a security bug.

Project Member

Comment 2 by sheriffbot@chromium.org, Jun 15 2017

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 699409 link

Issue metadata

Crashes using deeply nested XHTML <x>

Issue description

Comment 1 by elawrence@chromium.org, Mar 8 2017

Comment 1 Deleted

Comment 2 by sheriffbot@chromium.org, Jun 15 2017

Comment 2 Deleted

Sign in to add a comment