New issue
Advanced search Search tips

Issue 734175 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Jun 2017
Cc:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Google Chrome crashed: Ran Out of Memory while displaying a webpage

Reported by rajatsha...@gmail.com, Jun 16 2017

Issue description

VULNERABILITY DETAILS
Google Chrome ran out of memory(results in  crashing of that particular tab) and thus not able to handle the requests generated by the user.

VERSION
Chrome Version: [57.21.2987.98] + [stable]
Operating System: [Windows 10 Pro]

REPRODUCTION CASE
While searching for a security vulnerability in some xyz domain(can't tell the actual domain because of security implications), fortunately/unfortunately I came across a bug in Google Chrome(version I have stated at the top). 

If I try to use one of the extension(available in chrome extensions) to automate the process of finding XSS(which results in sending 'n' number of XSS payloads to that application server) I came across an error that "Chrome ran out of memory while displaying the webpage". This results in crashing of that particular tab. It can be caused due to memory or buffer flow issues in the process of handling that 'n' number of requests.

Please look into this issue as this is the latest version of chrome and getting memory overflow issues are not acceptable.

Please find the attached screenshot for the reference as well.

Type of crash: [tab crashed,(ran out of memory)]
Crash State: [Ran out of Memory]
 
chrome ran out of memory.jpg
86.5 KB View Download
Any updates on this one? 
Labels: Needs-Feedback
Running out of memory does not represent a security vulnerability; it is trivial to construct a page which requires more memory than Chrome will allow a render process to use (e.g. 4gb). When this happens, the tab is safely shut down. (Exhausting memory is not in any way the same as a buffer overflow vulnerability.)

https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Are-denial-of-service-issues-considered-security-bugs-

If you have repro URLs or other reproducible steps that show Chrome using more memory than necessary, we can have a look at that as a stability issue.
As I told earlier, I was checking DOM beased XSS for one of the application. So if my domain is abc.com and I try to automate the process to find DOM based XSS as abc.com#<payloads> i can get this memory issue.

This automation process can be done by variety of the methods like scripts, extensions, intruder etc.
As I told earlier, I was checking DOM beased XSS for one of the application. So if my domain is abc.com and I try to automate the process to find DOM based XSS as abc.com#<payloads> i can get this memory issue.

This automation process can be done by variety of the methods like scripts, extensions, intruder etc.
Project Member

Comment 5 by sheriffbot@chromium.org, Jun 17 2017

Cc: elawrence@chromium.org
Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "elawrence@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Status: WontFix (was: Unconfirmed)

Comment 7 Deleted

Comment 8 Deleted

As noted in #2, running out of memory does not represent a security vulnerability.
Yeah it doesn't need a security vulnerability but it is a bug in chrome which I discovered. So for this I will not get any appreciation?
As noted, it is trivial to build a web page that demands more memory than is available. This is not a bug in the browser, but rather a bug in the script.
Project Member

Comment 12 by sheriffbot@chromium.org, Sep 24 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment