Home page logo

bugtraq logo Bugtraq mailing list archives

Re: remote DoS in Mozilla 1.0
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Tue, 11 Jun 2002 16:44:04 +0200


Stijn Jonker wrote:

Is this really a mozilla bug?
My answer:
No, because try and font of the size 1666666px in gimp on the same 
system, the symptoms and the end effect is exactly the same here.

The solution(s):
        (a) Fix every app to disallow font sizes bigger then <maxvalue>
        (b) Fix XFS to return an error code to the calling application
when requested font size is greater then configured <maxvalue>

Personally i would go for b.
Just my $0.02, but if you disagree please let me know.

There's a world of difference between gimp and netscape.

Fixing XFS is indeed a good idea, but I submit that it is also a very
good idea to put a cap on font sizes in mozilla, and indeed anything 
else that accepts font rendering information from external sources.

After all, mozilla runs on dozens of platforms, on different X servers.
Mozilla is what is causing the vulnerability (gimp isn't). Indeed, XFS
should be fixed, but from an overall vulnerability perspective, I'm
quite convinced mozilla should be fixed too. People upgrade mozilla 
a _lot_ more often than they upgrade their X font servers.

Mikael Olsson

Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com

"Senex semper diu dormit"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]