Bugtraq archives for 1st quarter (Jan-Mar) 1998: Re: IE 4 Bug (Crash with frames)

Re: IE 4 Bug (Crash with frames)

Rommetveit Per Stuve (romperHS.NKI.NO)
Thu, 19 Mar 1998 21:16:48 +0100

At 01:44 PM 3/18/98 +0000, Thomas Weidauer wrote:

>I fust found a way to crash IE 4 using frames:
>Make a file 'test.htm' with the following content
>and view it with IE 4. Under Win95 IE 4 will

><FRAMESET ROWS = 50%,50%>
>        <FRAME SRC = "test.htm">
>        <FRAME SRC = "test.htm">

What happens here is that there is a loop. test.htm creates a page with two
frames, the source for these two frames is test.htm which create another
two frames, and so on and so on.

I tested this on a Dell Latitude XPI P133 ST with 40MB RAM. The laptop is
running Windows NT Workstation build 1381 with service pack 3 applied. No

The browser I tested with was Internet Explorer 4.0.

Before I enter test.htm into the address window of IE 4.0, only IE 4.0
itself and the Windows NT Task Manager and the Eudora Pro 3.0 (e-mail
client is running).

This is what happens when I load the test.htm page into IE 4.0:

The CPU Usage bar in Windows NT Task Manager goes to 100%.
The MEM Usage bar increases very fast.
The Internet Explorer 4.0 application is reported as not responding.

The only way to end IE 4.0 is to end it with the help of Task Manager and
kill the application or the process, or use kill via the command line.

The CPU Usage stays put around 80 to 100% for 1 minute, then it goes up and
down. The MEM Usage increases all the time. Then CPU Usage goes stable on
15-25% for a long while.

After 37 minutes and a lot of disk trashing I get a message box saying:

System Process - Out of Virtual Memory

Your system is running low on virtual memory. Please close some
applications. You can then start the System option in the Control Panel and
choose the Virtual Memory button to create an additional paging file or to
increase the size of your current paging file.


Commit Charge dropped from  133 784K to 46 528K when i ended IE 4.0.

This is most certainly a bug in IE 4.0. I don't know if it is fixed in
newer releases or if it is an bugfix available. And I don't have access to
the web now, so I can't check.

Just out of pure curiosity I wanted to load the same file, test.htm, into
the Netscape Navigator 4.0 to test if the bug was there too. It was not. I
got four frames, as I would expect from a correct point of view.

I don't know if someone has submitted this to Microsoft already. If it
hasn't I think it should be done.

