Hacker News new | past | comments | ask | show | jobs | submit login
IE8/9 crash with CSS only (schinken.github.io)
61 points by schinken42 on Sept 10, 2013 | hide | past | favorite | 39 comments



This is most likely a hang and not a crash. The difference is a hang is highly unlikely to lead to anything exploitable and if its obscure enough, Microsoft will almost certainly not fix it in older versions of their browser.

I've found a similar one a few months back. Please note that this will also crash your browser...

https://gist.github.com/lojack/6510214


Looks very similar to the one I recreated a while ago, something to do with dotted borders and border-radius:

http://codepen.io/beeglebug/pen/ntLbv


Calc() will also crash IE9 when there's a bg image present (on focus)

http://jsfiddle.net/874Bq/2/


I made safari crash with CSS only too! http://cssdeck.com/labs/adbir40g


Internet Explorer 10's emulation seems to be really dedicated: It crashes on IE8 mode. No luck with IE9 mode though.


I remember with IE9 developers were mad that Microsoft fixed some bugs in its IE8 emulation. Which was a problem for those css "hacks" that relied on bugs. Guess they can't win :)


I actually reported a security bug that MS fixed by making real IE6/IE7 match IE8's IE7 emulation: http://yuhongbao.blogspot.ca/2013/07/how-i-found-cve-2013-13...


Reminds me of all those legacy bugs in IE6 that achieved the same result, or RSnake's crash that involved an insane HTML width attribute.

But hey, it took until IE9 to pass Acid3. Who knows what's in Trident?


In 2005 I reported a crashing bug with large iframe widths/heights in mozilla:

https://bugzilla.mozilla.org/show_bug.cgi?id=292279

Sadly no bounty for me!


I know I'm being overly pedantic, but it's not actually CSS that's crashing the browser, it's Micrsoft's extension that is the culprit.


Attention: this link can crash your IE!

See an explanation here: http://www.hackerspace-bamberg.de/Benutzer:Schinken/CSS-IE-C...

Maybe someone can change the URL for this entry... looks like i can't ;)


yup, that definitely crashed my IE. I'm not quite sure what I expected.


Maybe this should be a link to a page explaining it which has a warning and a link to this page, instead of directly linking.


fixed :)


Win7 Pro - IE9. IE Would still work, although it's stuck on that tab, and it's like my mouse is stuck highlighting, so when I move my mouse, it highlights part of the page. I had another tab that auto reloads, and I can still see that reloading, although I can't click on it. I also can't click on the _ [] X buttons.


If you don't care about old IE visitors and hate their browser, this sounds like a good way to convince them that their browser is terrible.

Normally I wouldn't feel this way, but recently had to spend days adding CSS hacks and making sure design works on IE 7, and my hate was reborn again.


If their browser only crashes on your page, they're not going to conclude that their browser is the problem - they're going to conclude that your page is the problem.


That sounds kinda malicious and not at all like a good idea.

If you don't want to support old IE, then don't support it. If you have to support it because enough of your customers still use it, then why would you want their browser to crash?


It's a terrible idea, although if every website started including stuff like this then users might complain enough for IT shops to relax their stupid restrictions and allow them to use a more modern browser. :P


I'm confident that most of the people using e.g. IE7 are already quite aware that their browser sucks. I think their life is hard enough already without people intentionally messing with them.


Microsoft won’t fix it. (The author submitted the report months ago.)

But who cares, as IE10 supports CSS3 gradients… right?


IE 8 on Windows 7 became completely non-responsive and consumed an entire CPU until terminated.


Chris, I think "drawn", not "drawed" is what you were looking for.

Also, nice find.


I tested this with IE9 on Windows 7 Pro and it did not crash. I clicked on the Crash Me button, moved the cursor all around, refreshed the page, etc. No crash.


I did some testing:

  Win7/IE8: froze
  Win7/IE9: froze 
  Win7/IE10: nothing
  Win8/IE10: nothing
  S2003/IE8: froze
  S2008/IE8: nothing


Certainly crashed my Vista (real machine).


I got it to hang on IE10 running the "Browser Mode: IE8" emulator.


I had the same results on Windows 7 / IE9 no crashing


maybe this only works on a windows xp machine..

Microsoft confirmed that bug:

https://connect.microsoft.com/IE/feedback/details/790265/com...

"Cash Me" is no button even if it looks like one ;)


IE9 does not run on XP.


I had to click inside the "Crash me" box to get IE to hang.


funny. IE crashed before I tried the link.


Win7 64 Bit IE8 Hung, IE9 was OK


Crashed IE8, win xp, 32bit


isn't this kind of stuff subject to responsible disclosure?


Only if it's exploitable. This seems to be a hang, which doesn't constitute an exploitable vulnerability, just an annoyance.


Closed from microsoft as "wont fix" https://connect.microsoft.com/IE/feedback/details/790265/com...


So I guess it's fair game.


No crash in IE7?




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: