Bugtraq mailing list archives
Re: remote DoS in Mozilla 1.0
From: Andreas Beck <becka () uni-duesseldorf de>
Date: Tue, 11 Jun 2002 17:03:37 +0200
Tom <tom () lemuria org> wrote:
Is this really a mozilla bug?It's a bug in X that becomes remote-exploitable through mozilla.
Ack. If X can be crashed by an application, X is at fault. We all know, that there are "legal" ways to make X unuseable (xlock e.g.), but actually crashing the X server should never happen, as a faulty application may cause data loss in correct applications this way. Not what we expect in a Unix environment.
(a) Fix every app to disallow font sizes bigger then <maxvalue> (b) Fix XFS to return an error code to the calling application when requested font size is greater then configured <maxvalue> Personally i would go for b.Personally, I would go for both, with a limitation on a, namely that apps that accept remote data (i.e. mozilla) should definitely do some checking on that data before handing it to the local system (i.e. X).
Right. Applications that accept untrusted data have a special responsibility to canonicalize them in order to protect the underlying system from the possible side effects. No matter if the underlying system _should_ be able to cope with them. However that does not mean, the bug in the lower layers may remain there. Also note, that - as I already reported to Tom in PM - not all X servers are affected. I tested the example sites using Mozilla 1.0RC2 on an XGGI server which is based on rather old X-consortium code IIRC and the expected effects did not show up. CU, Andy -- Andreas Beck | Email : <becka () uni-duesseldorf de>
Current thread:
- remote DoS in Mozilla 1.0 Tom (Jun 10)
- Re: remote DoS in Mozilla 1.0 Stijn Jonker (Jun 11)
- Re: remote DoS in Mozilla 1.0 Mikael Olsson (Jun 11)
- Re: remote DoS in Mozilla 1.0 Tom (Jun 11)
- Re: remote DoS in Mozilla 1.0 Andreas Beck (Jun 11)
- Re: remote DoS in Mozilla 1.0 John C. Welch (Jun 11)
- Re: remote DoS in Mozilla 1.0 Jakub Bogusz (Jun 11)
- Re: remote DoS in Mozilla 1.0 Stijn Jonker (Jun 11)
- Very large font size crashing X Font Server and Grounding Server to a Halt (was: remote DoS in Mozilla 1.0) Federico Sevilla III (Jun 13)
- Re: Very large font size crashing X Font Server and Grounding Server to Alan Cox (Jun 13)
- rlimits and non overcommit (was: Very large font size ...) Federico Sevilla III (Jun 13)
- Re: Very large font size crashing X Font Server and Grounding Server to a Halt (was: remote DoS in Mozilla 1.0) rjh (Jun 13)
- Re: Very large font size crashing X Font Server and Grounding Server to a Halt (was: remote DoS in Mozilla 1.0) Rob Mayoff (Jun 13)
- Re: Very large font size crashing X Font Server and Grounding Server to a Halt (was: remote DoS in Mozilla 1.0) Matthew Wakeling (Jun 13)
- Re: Very large font size crashing X Font Server and Grounding Server to Alan Cox (Jun 13)
- RE: remote DoS in Mozilla 1.0 Keith Warno (Jun 13)
- Re: remote DoS in Mozilla 1.0 Tom (Jun 13)