How can 5 lines of html crash windows?

[Bossieman]

There is a giant error in windows that causes windows to completely freeze and die. The code is very simple only 5 lines and still it kills windows.

Is there a software bug in IE that makes it crash or what? Does anyone here know why this works?

If you want to test it klick one of the links on this
site.

 

[hoom]

Number one was handled just (presume by firefox)
Two = reboot.

One was an image 999999 or so pixels by the same.

Since it rebooted the PC I have no idea what the other one was...

 

[pcchen]

Actually both are normal images (first one is a GIF, second one is a JPEG), but in the HTML they are specified as 999999x999999. It's probably a bug in GDI or display driver.

 

[arjan de lumens]

From what I can see of the source-code, both of the crasher pages use the 999999-pixel trick. On Windows, this causes the OS to actually try to allocate memory for 999999x999999 pixels (~4 terabytes), which of course fails - in a VERY ungraceful manner. The pictures used are a Windows BSOD image and one of those :? Linux humor pictures.

 

[mito]

firefox is immune?

 

[silence]

firefox is immune?

nope....

i have 1.0.6 and first link it was able to do, but second one gave me BSOD and reboot....

 

[mito]

I have fire fox 1.04 and it didn't bsod my system. I'm still here...

 

[silence]

I have fire fox 1.04 and it didn't bsod my system. I'm still here...

interesting..... i closed everything before trying so no biggie.... and i dint see BSOD in long time, so it was kinda fun....


EDIT :: might be my shitload of extensions that killed my FF.....

 

[DarN]

Opera seems immune.

 

[mito]

apologies...

the second link fucked me up....

i have just returned from a major RESET.

 

[mito]

I cannot accept this... What went wrong?

 

[Bossieman]

Is there a BSOD picture in XP?!? I thought that pictures was removed from XP?

But isnt this a really bad error? Still I cant belive that this happens. Talk about weird stuff.

 

[pcchen]

In my case it died in NVIDIA's display driver. Does anyone with other drivers crashes too? If so, it's probably a GDI bug.

 

[silence]

In my case it died in NVIDIA's display driver. Does anyone with other drivers crashes too? If so, it's probably a GDI bug.

in my case it said it was ATi driver....

 

[Thowllly]

Opera seems immune.

Yup, both tests worked without crashing on Opera 7.50 and 8.01. But in Opera 8.01 the pictures were only stretched horizontally, not vertically. Still better than crashing, though.

 

[Diplo]

Yet another good reason why I'm an Opera Lover!

 

[Diplo]

BTW, this exploit is at least two years old, and probably more. It was mentioned in this mailing list in Aug 2004. So much for Microsoft responding quickly to serious flaws in their shoddy browser!

 

[silence]

BTW, this exploit is at least two years old, and probably more. It was mentioned in this mailing list in Aug 2004. So much for Microsoft responding quickly to serious flaws in their shoddy browser!

its shoddy OS not browser..... cause it crashes in FF too

 

[hoom]

Or since FF can handle the first while Opera can handle both it could actually be that FF needs some fixing...

 

[Bossieman]

Or since FF can handle the first while Opera can handle both it could actually be that FF needs some fixing...

I think this is a OS problem. it doesnt work on other versions of Windows, only XP.