Bug 131497 - Konqueror tries to allocate memory infinitely when visiting a known exploit demonstration
Summary: Konqueror tries to allocate memory infinitely when visiting a known exploit d...
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: general (show other bugs)
Version: 3.5
Platform: unspecified Linux
: HI normal
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
: 131499 (view as bug list)
Depends on:
Blocks:
 
Reported: 2006-07-29 00:58 UTC by Georgi Chulkov
Modified: 2008-05-21 12:15 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Georgi Chulkov 2006-07-29 00:58:55 UTC
Version:           3.5.3 (using KDE 3.5.3, Gentoo)
Compiler:          Target: i686-pc-linux-gnu
OS:                Linux (i686) release 2.6.17-gentoo-r4

Following the demonstration on this address causes Konqueror to allocate memory until it crashes: http://metasploit.com/users/hdm/tools/browserfun/mobb_028.html

That happens using Konqueror 3.5.3. For comparison, Firefox 1.5.0.4 just allocates some (150 mb or so?) memory and releases it immediately.
Comment 1 Stefan Borggraefe 2006-07-29 08:41:12 UTC
*** Bug 131499 has been marked as a duplicate of this bug. ***
Comment 2 Dirk Stoecker 2006-08-22 13:11:36 UTC
Still there in KDE 3.5.4. Increasing priority, as this is allows denial of service attacks.
Comment 3 Raúl 2007-02-04 19:33:18 UTC
Confirmed on 3.5.6. If the konqueror instance is not killed on time, this could lead to unpredictable kills by the kernel once all the available memory is allocated.

Comment 4 Johannes.Bergmeier 2008-05-18 13:08:12 UTC
unchanged in 3.5.9

In 4.0.4 it only allocates ~300 mb and shows a messagebox "No Java plugin installed!"
On a second try memory consumption goes up to ~600 mb which get released afterwards going back to 300 mb.
Comment 5 Michael Leupold 2008-05-21 10:13:42 UTC
I can confirm this bug is gone in trunk r810280. As it's not likely there will be another 3.5.x version of konqueror I'm closing this bug.
Comment 6 georgi 2008-05-21 12:15:25 UTC
From the comments I see here, it hasn't been fixed in 4.0.4. 300 or 600 mb memory seems too much for a "No java plugin installed!" popup, I think..?