Vulnerability Development mailing list archives
RE: Buffer Overflow with all versions of Internet Explorer and Javacript.
From: "Elan Hasson" <elan () daryl org>
Date: Mon, 3 Jun 2002 23:47:11 -0400
That's why you enable the IE option that says something like "Run each browser window in its own process" That way when IE crashes it doesn't take all your porn windows down. I always hated when that happened to me. -----Original Message----- From: Blue Boar [mailto:BlueBoar () thievco com] Sent: Monday, June 03, 2002 5:35 PM To: vuln-dev () securityfocus com Subject: Re: Buffer Overflow with all versions of Internet Explorer and Javacript. Elan Hasson wrote:
Uh do you realize what is being done with that code?
its the equivalent of
function a(){
return b();
}
function b(){
return a();
}
its a fricken stack overflow. it'll happen anywhere.
Sure. And the halting problem says there will be an infinite number of
things like this that can be done, and you can't detect them ahead of time.
My expectation would be for the browser vendors to handle problems like
this gracefully, have reasonable (and maybe tunable) resource limits set,
and not kill every one of my browser windows when one goes nuts.
BB
Current thread:
- RE: Buffer Overflow with all versions of Internet Explorer and Ja vacript. Thor Larholm (Jun 03)
- RE: Buffer Overflow with all versions of Internet Explorer and Javacript. Elan Hasson (Jun 03)
- Re: Buffer Overflow with all versions of Internet Explorer and Javacript. Blue Boar (Jun 03)
- RE: Buffer Overflow with all versions of Internet Explorer and Javacript. Elan Hasson (Jun 04)
- Re: Buffer Overflow with all versions of Internet Explorer and Javacript. Blue Boar (Jun 03)
- RE: Buffer Overflow with all versions of Internet Explorer and Ja vacript. Patrik Birgersson (Jun 03)
- <Possible follow-ups>
- RE: Buffer Overflow with all versions of Internet Explorer and Ja vacript. Thor Larholm (Jun 03)
- RE: Buffer Overflow with all versions of Internet Explorer and Javacript. Elan Hasson (Jun 03)