
Issue 854607

Issue metadata

Status: Duplicate
Owner: ----
Closed: Jun 2018
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security

Security: string from khmer unicode block hangs chrome window

Project Member Reported by jkantz@google.com, Jun 20 2018

Issue description

VULNERABILITY DETAILS
I was fuzzing a font library and found two strings that freeze Chrome windows. So for example, it caused my secure shell window to hang on Chrome OS and also locked up a cider window. These strings could be posted to forums and it would lock out everyone using Chrome/Chrome OS.

VERSION
Observed in

Chrome Version: Version 67.0.3396.87 (Official Build) (64-bit)
Operating System: glinux

and

Google Chrome	66.0.3359.203 (Official Build) (64-bit)
Revision	0
Platform	10452.99.0 (Official Build) stable-channel samus


REPRODUCTION CASE
Strings are attached and dumped to hex. To recover, use xxd -r, for example:

xxd -r crash-0644b7346a7d1eeb165ea4496678164de865b91c.hex > crash-0644b7346a7d1eeb165ea4496678164de865b91c

To repro the bug, open the recovered file in a Chrome browser and it will hang the tab.

 
crash-0644b7346a7d1eeb165ea4496678164de865b91c.hex (1.8 KB)
timeout-04613918eecaab18f832f9006bf8a03e9ae666e3.hex (1.8 KB)
Mergedinto: 847034
Status: Duplicate (was: Unconfirmed)
Thanks for the report. Denial of service issues aren't considered security problems, but I think we have an existing bug for this problem.
Project Member

Comment 2 by sheriffbot@chromium.org, Sep 27

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
