Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: FluxBox crash vulnerability
From: Tim <tim-security () sentinelchicken org>
Date: Fri, 26 Nov 2004 20:31:31 -0500

Fluxbox always crashes totally while executing XMAN with long value of 
'-title' parameter. Simple usage example:

$ xman -title `perl -e 'print "X" x 10000 '`

It was tested on 0.9.10 version and some older ones. Probably all are affected.

Please see tests below:

~> fluxbox -version
Fluxbox 0.9.9 : (c) 2001-2004 Henrik Kinnunen 
~> uname -o -r
2.6.8 GNU/Linux
~> cat /etc/debian_version
~> xman -title `perl -e 'print "X" x 8936 '`
X connection to :0.0 broken (explicit kill or server shutdown).

So, the gist of it is, on the version I am running I could never get
fluxbox to crash.  However, large titles did cause problems.  with
anything above, say, 5000 characters, the window comes up, but is very
unresponsive.  Resizing the window causes display refresh problems for
that window, and the whole window manager is generally slow.  

However, as soon as I close the window, everything returns to normal.
In addition, using any number of characters above 8936 does not cause
this behavior at all, because for 8937 and above, the title bar displays
nothing and everything is peachy.  Large titles just under that amount
cause issues, and it appears the X's in the title wrap around an
overwrite themselves in the display.  When there were problems with the
window, sometimes (maybe 1 in 4) I get the error message you see above.

I get these same symptoms when using large titles on other programs as


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • Re: FluxBox crash vulnerability Tim (Nov 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]