Jeff Weinstein wrote:
That's true, but it is also true that Netscape should also be performing some sanity checking on input rather than relying on the supporting libraries to be secure. Remember, a hole is a hole. The last sendmail bug was a buffer overflow in syslog; however, sendmail still got patched to do bounds checking on the strings it was passing to syslog.
It looks like this is only a bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But is it wise for Netscape to be sending 10,000 character strings to GUI functions anyway?
While I agree that we should probably truncate this string to something smaller than 10000 characters (I've already filed a bug on it here), it is perfectly legal X protocol to send 10,000 characters to the X server. How do I decide what is too long? For example, when tracking down buffer overflow problems for the security patch, we found an undocumented static buffer limit of 64 bytes for the hostname passed to gethostbyname() [lots deleted]
I agree with a lot of what you say, Jeff. What I would do is set the string limits to be whatever the specs allow. For instance, in the case of domain names, the limit is supposed to be 256. In a mailto: just what is the limit of an RFC822 valid e-mail address?

I will say that Netscape is a very robust program. I have created documents with 10,000 nested <UL> lists, and the program didn't dump. I have created forms with 10,000 selection widgets with overlong labels and variable names and it handled them (didn't display them very well).

However, I am a little wary of Netscape allowing lists and forms having 10,000 levels. For one thing, although the 10,000 nested lists didn't crash Netscape, they did use up all the swap space on my computer except for 300k. A 10K byte document was able to exhaust 32 megs of RAM. When I combined supernested lists with overlong FORM variable names and an extra long title, I did get a few sporadic coredumps.

Some people may have a religious position on browsers limiting SGML/HTML nested structures (because they feel the browser should be able to handle any "legal" document), but I for one am more pragmatic.

I hope you don't take my criticisms as an attack on your programmers. Netscape is my all around favorite application. I just want to see it improved and safer.

-Ray
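The caller-side check discussed in this thread, as an added example that is not part of the original messages and is not Netscape's code: a hostname is validated against spec limits before it is handed to a resolver call such as gethostbyname(), so an undocumented buffer inside the library is never reached with oversized input. The helper name `hostname_ok` is hypothetical, and the limits used are those of RFC 1035 (63 octets per label, 253 characters for the whole name in text form), which is an assumption of this example.

```c
#include <stddef.h>
#include <string.h>

/* Limits from RFC 1035 (assumption of this example, not figures from the thread). */
#define MAX_NAME_LEN  253  /* full name in text form, without a trailing dot */
#define MAX_LABEL_LEN 63   /* each dot-separated label */

static int is_alnum_ascii(char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9');
}

/* hostname_ok (hypothetical helper): returns 1 if buf[0..cap) holds a
 * NUL-terminated hostname that is within spec, 0 otherwise. */
int hostname_ok(const char *buf, size_t cap)
{
    const char *nul;
    size_t len, i, label = 0;

    if (buf == NULL || cap == 0)
        return 0;
    nul = memchr(buf, '\0', cap);      /* never read past the caller's buffer */
    if (nul == NULL)
        return 0;                      /* unterminated input */
    len = (size_t)(nul - buf);
    if (len > 0 && buf[len - 1] == '.')
        len--;                         /* accept one trailing root dot */
    if (len == 0 || len > MAX_NAME_LEN)
        return 0;

    for (i = 0; i < len; i++) {
        char c = buf[i];
        if (c == '.') {
            if (label == 0 || buf[i - 1] == '-')
                return 0;              /* empty label, or label ends in '-' */
            label = 0;
        } else if (is_alnum_ascii(c) || (c == '-' && label > 0)) {
            if (++label > MAX_LABEL_LEN)
                return 0;              /* label too long */
        } else {
            return 0;                  /* character outside letters, digits, '-' */
        }
    }
    return label > 0 && buf[len - 1] != '-';
}
```

A caller would reject the input (or report an error to the user) when this returns 0 and only then pass the string on to the resolver.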