Vulnerability Development mailing list archives
Re: ie6 input overflow
From: Peter Kovacs <petke () datanet hu>
Date: Fri, 16 Nov 2001 08:52:54 +0100 (CET)
On Thu, 15 Nov 2001, Emre Yildirim wrote:
Philip Wagenaar wrote:value="1,000,000 x's here" size="1000000" maxlength="1000000"Hmm that's funny. My system froze up too (I'm not sure if I really used 1,000,000 'x's though). This is a 750Mhz machine with 256MB RAM running XP Professional/IE6, all fixes applied. -- Emre Yildirim <emre () asper org> GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com)
I think it's nothing more than a simple long time buffering. You can reproduce this behaviur by opening a large document (ie. in word) with size 2M. And watch the task manager. You will see word - Not Responding. The ``Not Responding" state nothing more than the core thread of application - that handle all the window events - can not read its message qeue, so the event sent by task manager left unresponded (Not Responding). Note that a simple file open can not be splitted into several thread (or NT fiber) because it is a single operation, API call (fopen). Thats all. I think. Regards petke ~~~~~~~~~~~~~ Master of Engineering in Information Technology IBM Certified AIX(4.3) System Administrator Developer Engineer GTS-DataNet ------------------------------------------------------------------------------
Current thread:
- ie6 input overflow Philip Wagenaar (Nov 15)
- Re: ie6 input overflow Emre Yildirim (Nov 15)
- Re: ie6 input overflow Peter Kovacs (Nov 16)
- Re: ie6 input overflow Josh Burns (Nov 16)
- IMPORTANT FOLLOW UP ie6 input overflow Philip Wagenaar (Nov 15)
- Re: ie6 input overflow the last priest (Nov 16)
- <Possible follow-ups>
- Re: ie6 input overflow sksksk sksks (Nov 16)
- Re: ie6 input overflow Joe Lyman (Nov 16)
- RE: ie6 input overflow Kayne Ian (Softlab) (Nov 19)
- Re: ie6 input overflow Emre Yildirim (Nov 15)