Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Web Telegram can be crashed in Chrome using specially crafted URL #1848

Open
d4rky-pl opened this issue May 10, 2019 · 0 comments

Comments

Projects
None yet
1 participant
@d4rky-pl
Copy link

commented May 10, 2019

Problem

This regexp:

shortDescriptionText = shortDescriptionText.substr(0, 150).replace(/(\n|\s)+$/, '') + '...'

will cause Chrome to go to 100% CPU and crash the tab if the text contains a lot of newline characters. This can be used for remote DoS on a user, even accidentally.

Solution

Replace (\n|\s) with \s since \s already contains a newline character.

How to reproduce

Send the link to https://monstergaming.pl

If they changed their meta tag description by now, any string that starts with any alphanumeric characters and then contains 100+ newline characters and end with another set of alphanumeric characters will trigger the issue.

Versions

Tested on Chrome 74.0.3729.131

@d4rky-pl d4rky-pl changed the title DoS issue on Chrome Web Telegram can be crashed in Chrome using specially crafted URL May 10, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.