1995-10-03 - Re: New Netscape bug (in version 1.12)

Header Data

From: tomw@orac.engr.sgi.com (Tom Weinstein)
To: cypherpunks@toad.com
Message Hash: 2b66b2d4c41a72bd1f26f5dba4bba39ffa323246642e20efc7b5df5ccabf8438
Message ID: <199510031438.HAA06918@orac.engr.sgi.com>
Reply To: <DFv6uo.4so@sgi.sgi.com>
UTC Datetime: 1995-10-03 14:38:58 UTC
Raw Date: Tue, 3 Oct 95 07:38:58 PDT

Raw message

From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 3 Oct 95 07:38:58 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <DFv6uo.4so@sgi.sgi.com>
Message-ID: <199510031438.HAA06918@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DFv6uo.4so@sgi.sgi.com>, Ray Cromwell <rjc@clark.net> writes:

> C'punks, 
>   I just got back from a vacation in Raleigh, and downloaded the
> new "fixed" Netscape 1.12. It took me about an hour, but I've
> discovered another bug and potential security hole. This one relates
> to mailto:.

>   The bug is as follows. Create a HTML file with a hyperlink containing
> the following URL

>  foo 

> This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> as soon as the mail window pops op. I'm too tired right now to try to
> analyze it, but it might be another stack bug, this time, in the X
> libraries because Netscape isn't doing any sanity checking.

This is a bug in your X server, not in netscape.  The X server should
never crash no matter what you send to it.

> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.

This doesn't crash my X server (SGI Irix 6.2), so it's probably specific
to XAccel.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com





Thread