Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#1618 closed defect (invalid)


Reported by: bee Owned by: mikeperry
Priority: Very Low Milestone:
Component: Applications/Torbutton Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:



Maybe, i've to report this to Mozilla too!!!!!
If you click on the link, all or almost all the memory of your PC will be eaten!!!!!
If you save the link's target everything goes well, but if you click on the link, not even TorButton protects you!!!! Firefox could crash!!!!! and that isn't what i could expect after clicking a link!!!!!!!!!!!!!!!!!!!!!!!!!

It works because Firefox will automatically attempt to decompress that big file (8MB) in the RAM!!!!!! There is only one problem though!!!!!!! I made that file in this way:
dd if=/dev/zero bs=1M count=8120 | tr '\000' 'A' | gzip > (well the file name could be anything!!)
It's very big once decompressed!!!!!! 8GB!!!!!! And i also think that FireFox would use much more than only 8GB of memory to decompress it!!!!!!! So, Firefox wants all the memory of your PC!!!!
Anyway, saving the link works!!!!!!! I don't know why, when you download the link, Firefox saves the compressed file, but when you click on it, firefox attempts to open it and decompress it on-fly!!!!!!!!

Now you know why Factorbee has updated versions of Firefox!!!!!!!!! Because they have bug fixes!!!!!!!!! YEAH!!!!!!!!!!!!!!!!!! Torproject's browser bundles have very old, super bugged firefox versions!!!!!! I'll update factorbee tomorrow with the latest version of firefox!!!!!


Child Tickets

Change History (2)

comment:1 Changed 10 years ago by Sebastian

Resolution: invalid
Status: newclosed

This is not a Torbutton bug at all.

comment:2 Changed 10 years ago by bee

Yeah!!! You're right!!! There is nothing related to TorButton!!!
But when FireFOX will be patched, if Tor Browser Bundles will continue to have old versions of FireFox, then this is going to be a bug for the bundles!!!!!!!! as they are keeping outdated and vulnerable software!!!!!!!!!!!!!!! which is actually something that Tor Bundles are already doing!!!!


Note: See TracTickets for help on using tickets.