That's why you enable the IE option that says something like "Run each
browser window in its own process"
That way when IE crashes it doesn't take all your porn windows down.

I always hated when that happened to me.

-----Original Message-----
From: Blue Boar [mailto:BlueBoarthievco.com]
Sent: Monday, June 03, 2002 5:35 PM
To: vuln-devsecurityfocus.com
Subject: Re: Buffer Overflow with all versions of Internet Explorer and
Javacript.

Elan Hasson wrote:
> Uh do you realize what is being done with that code?
>
> its the equivalent of
>
> function a(){
> return b();
> }
> function b(){
> return a();
> }
>
> its a fricken stack overflow. it'll happen anywhere.

Sure. And the halting problem says there will be an infinite number of
things like this that can be done, and you can't detect them ahead of time.
  My expectation would be for the browser vendors to handle problems like
this gracefully, have reasonable (and maybe tunable) resource limits set,
and not kill every one of my browser windows when one goes nuts.

                                                BB

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]