Re: Buffer Overflow with all versions of Internet Explorer and Javacript.

From: Blue Boar (BlueBoarat_private)
Date: Mon Jun 03 2002 - 14:35:08 PDT

  • Next message: david evlis reign: "[DER #11] - Remotey exploitable fmt string bug in squid" 

    Elan Hasson wrote:
> Uh do you realize what is being done with that code?
> 
> its the equivalent of
> 
> function a(){
> 	return b();
> }
> function b(){
> 	return a();
> }
> 
> its a fricken stack overflow. it'll happen anywhere.

Sure. And the halting problem says there will be an infinite number of 
things like this that can be done, and you can't detect them ahead of time. 
  My expectation would be for the browser vendors to handle problems like 
this gracefully, have reasonable (and maybe tunable) resource limits set, 
and not kill every one of my browser windows when one goes nuts.

						BB

    This archive was generated by hypermail 2b30 : Mon Jun 03 2002 - 14:37:08 PDT