Bugs that crash when loading huge Favicon in Chrome and Firefox are discovered

ByGeorge Grinsted

"Tabs and bookmarks displayed"Favicon"Is the symbol image of the website, it is an important icon that can be called the face of the site. In general, if you specify an enormously-sized image exceeding a few gigabytes in a Favicon displayed in a relatively small size such as 16 × 16 size, a bug that Chrome or Firefox crashes or PC freezesGitHubIt is reported in.

Benjamingr / favicon-bug · GitHub
https://github.com/benjamingr/favicon-bug

It is difficult even to prepare images of several gigabytes in the first place, and aside from the simple questions of "Who set this image as a Favicon?" Aside, work equivalent to loading a huge image by a script It is the following program to make it. By using the port 3000 prepared for experiments, when "favicon.ico" exists, a file whose size gets enormously large will be read indefinitely.


People who reported bugs at GitHub read a huge favicon using a Mac with 4 GB of memory and found that Chrome crashed when the file size exceeded 9 GB.


I tried loading a huge funicon into Firefox using a script called "exploit.js" uploaded to GitHub, which certainly caused PC freezing and Firefox crashing.


Chrome and Firefox seems to crash as a result of having no limit on the size of Favicon's file size and exhausting memory even if you are trying to read huge images.