Thursday, September 24, 2015

#54 How to Crash Google Chrome With These 16 Characters in 2 Seconds

Due to a bug in the Chromium engine, you can crash someone's Google Chrome browser just by adding a NULL character to the URL string. The bug was discovered by Andris Atteka, who explained it on his blog.

He demonstrated the bug using a 26-character string, but you can crash Google Chrome with just 16 characters.


How to crash Google Chrome with these 16 characters?
Just copy and paste the following string into your Google Chrome (Chrome 45 or older) address bar, hit Enter and watch your Chrome tab, or the whole Chrome browser, crash:
http://b/%%30%30


Be careful: this step will crash your browser instantly!
The browser crashes even if you just hover your mouse pointer over the following hyperlink: http://b/%%30%30


Why does Chrome browser crash?

“It seems to be crashing in some very old code. In the Debug build, it’s hitting a DCHECK on an invalid URL in GURL, deep in some History code. Given that it’s hitting a CHECK in the Release build, I don’t think this is actually a security bug, but I’m going to leave it as such.”


In my tests, the code affects both Windows and Mac. The bug also affects Opera and Vivaldi browsers, as both are built over the Chromium engine. However, it didn’t affect Chrome for Android.
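As an added example (not code from the original post or from the Chromium project), the Python below shows why the 16-character string amounts to a NULL character in the URL: `%30` is the ASCII digit `0`, so `%%30%30` becomes `%00` after one percent-decoding pass and a real NUL byte after a second. The same check can be used by a proxy or link sanitiser to flag such URLs before they reach a vulnerable browser; the sample URLs other than the one from the post are constructed.

```python
from urllib.parse import unquote

# Constructed sample URLs: the 16-character string from the post plus two
# harmless ones (the second is double-encoded too, but only hides a space).
SAMPLES = [
    "http://b/%%30%30",
    "http://example.test/search?q=%2520",
    "http://example.test/ok",
]


def decode_passes(url: str, max_passes: int = 3) -> list[str]:
    """Percent-decode `url` repeatedly, returning every stage until it stops changing.

    For the string from the post the stages are:
      http://b/%%30%30 -> http://b/%00 -> http://b/\\x00
    because %30 is the ASCII digit '0', so the first pass rebuilds "%00" and
    the second pass turns that into a real NUL byte.
    """
    stages = [url]
    for _ in range(max_passes):
        decoded = unquote(stages[-1])
        if decoded == stages[-1]:
            break
        stages.append(decoded)
    return stages


def exposes_control_char(url: str) -> bool:
    """True if any decoding pass yields a C0 control character (0x00-0x1F) or DEL.

    NUL is the case this post is about; the other control characters are never
    legitimate in a URL either, so a filter can reject the whole class.
    """
    return any(ch <= "\x1f" or ch == "\x7f"
               for stage in decode_passes(url) for ch in stage)


def scan(urls: list[str]) -> dict[str, bool]:
    """Map each URL to whether a link sanitiser or proxy should drop it."""
    return {u: exposes_control_char(u) for u in urls}


if __name__ == "__main__":
    for url, flagged in scan(SAMPLES).items():
        print(f"{'REJECT' if flagged else 'ok    '} {url!r}")
```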


This bug was only a local DoS issue, so Mr. Atteka's report was not covered by the company's bug bounty program.

Such bugs have been observed in the past and were quickly fixed.

Did this bug crash your Google Chrome? Tell us in the comments below.
