From: John Scimone (jscimonecc.gatech.edu)
Date: Fri Dec 07 2001 - 17:49:30 CST

    If this is true, couldn't a malicious website simply set the initial value of
    the form then use javascript to submit it upon loading the page, causing the
    client's X to crash?

    i.e.

    <input type="text" value="(9000 A's)">

    and have a body onload=document.forms[0].submit()?

    John Scimone
    CS Major Ga Tech

    On Friday 07 December 2001 04:26 pm, you wrote:
    > I have discovered a little bug in K Desktop 2.1.2 that crashes your X
    > Server.
    >
    > By using the konqueror web browser and inputting around 9000+ A's (or
    > whatever) into a search box (for instance www.yahoo.com's web search box) -
    > this will crash your X environment.
    >
    > I have successfully done it using 9000 A's on one search box (crashing X
    > instantly), then I used 90'000 and it also worked - but without immediate
    > effect (took a few seconds).
    >
    > It also sometimes seems to work by just pasting 900000 A's into a search
    > box and before it even displays the A's X crashes. (note: If you want it
    > to display the A's before X crashes paste 9000, then as soon as you click
    > to start the search - it's bye bye X).
    >
    > Sorry but I can only test it on KDE 2.1.2, because I have no other systems
    > available right now.
    >
    > By the way:
    >
    > [smackenzmainframe smackenz]$ uname -a
    > Linux mainframe 2.4.2-2 #1 Sun Apr 8 20:41:30 EDT 2001 i686 unknown
    > (Red Hat 7.1)
    > (KDE 2.1.2)
    > (this works in Gnome and KDE using the konqueror web browser)
    >
    > To test simply use a shell and type:
    >
    > perl -e 'print "A" x 9000'
    >
    > Then copy these, and paste them into a search form.
    >
    > Also I tried this in netscape and it didn't work so it suggests it's a
    > konqueror error somewhere or other.
    >
    > Cheers
    >
    > Scott Mackenzie
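
Added example, not part of either post: a check a filtering proxy or crawler could run on fetched HTML to flag the combination John describes, an oversized pre-filled field plus a body onload submit. The 4096-character threshold, the field types inspected and all names in the code are assumptions.

```python
from html.parser import HTMLParser

MAX_VALUE_LEN = 4096  # assumed limit; set to the longest value your pages legitimately pre-fill
TEXT_TYPES = ("text", "search", "hidden")

class PrefillAudit(HTMLParser):
    """Collects oversized pre-filled fields and body onload auto-submit handlers."""

    def __init__(self, max_len=MAX_VALUE_LEN):
        super().__init__()
        self.max_len = max_len
        self.oversized = []       # (field name, value length)
        self.auto_submit = False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "input" and a.get("type", "text").lower() in TEXT_TYPES:
            value = a.get("value", "")
            if len(value) > self.max_len:
                self.oversized.append((a.get("name", "<unnamed>"), len(value)))
        # Only the inline handler from the post is recognised; script-driven
        # submits would need a JavaScript-aware check.
        if tag == "body" and "submit()" in a.get("onload", "").replace(" ", ""):
            self.auto_submit = True

def audit(html, max_len=MAX_VALUE_LEN):
    """Return a verdict for one page: block, review or ok."""
    parser = PrefillAudit(max_len)
    parser.feed(html)
    parser.close()
    if parser.oversized and parser.auto_submit:
        verdict = "block"      # long pre-fill submitted without user action
    elif parser.oversized:
        verdict = "review"     # long pre-fill, but the user must submit it
    else:
        verdict = "ok"
    return {"verdict": verdict, "oversized": parser.oversized,
            "auto_submit": parser.auto_submit}

# Constructed sample pages (not captured traffic).
SAMPLE_AUTOSUBMIT = ('<html><body onload="document.forms[0].submit()"><form action="/s">'
                     '<input type="text" name="q" value="' + "A" * 9000 + '"></form></body></html>')
SAMPLE_BENIGN = '<html><body><form><input type="text" name="q" value="kde"></form></body></html>'

if __name__ == "__main__":
    for label, page in (("autosubmit", SAMPLE_AUTOSUBMIT), ("benign", SAMPLE_BENIGN)):
        print(label, audit(page))
```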