Aw, snap! How huge HTML links can crash Chrome tabs in one click

A bug in the most recent version of Chrome allows miscreants to crash browser tabs simply by embedding a link with a malformed URL in the HTML of a page. The vulnerability, dubbed "AwSnap" by web developer Jason Blatt, affects Chrome version 41 on Windows, OS X, and Chrome OS, though reports vary as to whether it exists in …

  1. Frederic Bloggs

    For what it's worth

    It crashes in linux as well (but nicely)

    1. Cliff

      Re: For what it's worth

      and Chrome on Android. Seems pretty conclusive to me :)

  2. Terry Cloth
    Stop

    Crash or page replacement?

    By the look of the error screen, it seems to just suppress the booby-trapped page, but the browser soldiers on—able to reload or link to the list of hints. So, yes, it can DoS a page, but hardly crashes any part of the browser.

  3. ecofeco Silver badge

    Malicious?

    Or just piss poor coding? I vote for the latter.

    1. Wzrd1

      Re: Malicious?

      I'm thinking...

      OK Google, bounds fucking checking.

      Response: I don't know what that is.

      Shades of 1995!

  4. This post has been deleted by its author

  5. Fibbles
    Trollface

    El Reg comments allow html...

    My inner troll is begging me to post that link.

    1. Anonymous Coward

      Re: El Reg comments allow html...

      I wonder if that is what the deleted post above yours was?

  6. Dan 55 Silver badge
    Mushroom

    Just out of interest, how aggressive is Chrome's pre-fetching?

    This is the kind of question you should ask yourself and test before you post an article which contains a link to the reddit page with the exploit... do your readers' Chrome installations pre-fetch the reddit page after loading the article page and go boom?

    Happily, as I have Firefox, I won't have to find out.

    1. veti Silver badge
      Happy

      Re: Just out of interest, how aggressive is Chrome's pre-fetching?

      No.

      HTH, HAND.

    2. Wzrd1

      Re: Just out of interest, how aggressive is Chrome's pre-fetching?

      No, Chrome doesn't pre-fetch pages, it pre-fetches DNS entries.

      Now, what would happen with a page with 1000 distinct domain URLs with Chrome?

  7. Michael H.F. Wilkinson Silver badge
    Joke

    Version 42?

    Scans the skies for Vogon constructor fleets, just in case

  8. rzzzwilson

    So, Chrome can be forced to crash? In my experience on iOS it doesn't NEED any help.

    1. Jack of Shadows Silver badge
      WTF?

      Hell, I thought 'Aw Snap' was expected behavior (I'm not joking) since it was consistent across platforms: Android, Windows, &c. I need to go back to Beta-Testing school, but dammit, it feels like all my software is in continuous beta.

      1. veti Silver badge

        When did any Google beta ever end?

        Serious question. As far as I can tell, Google software goes direct from "beta" to "retired", without ever entering a state varyingly called "stable" or "released" or whatever the heck lying term the company is trying to insinuate translates to "fit for purpose".

  9. 0_Flybert_0

    long ago memories arise

    late 1997 .. first PC .. P200MMX .. builder advised avoiding IE 4.0

    had an exploitable bug .. buffer overrun of course

    using overly long URLs

    1. Wzrd1

      Re: long ago memories arise

      1995 and Microsoft's ping of death, *really* blowing up the internet with >64k ping packets.

      Microsoft's immediate response, threaten litigation against anyone who claimed the ping of death was real, switch out their NT 4 FTP servers with Sun boxes and claim the x86 hardware was overloaded, *then* eventually issue a patch.

      1. sabroni Silver badge
        Thumb Up

        Re: Yeah, fucking micro$haft!

        I knew they'd be at the bottom of it.

        Love you Google!!

  10. Anonymous Coward

    This is from people who insist

    on building self-driving cars. Shudder!...

    1. Alistair Silver badge
      Coat

      Re: This is from people who insist

      No worries about self driving cars.

      They'll just.

      stop.

      And considering the traffic I deal with daily on my commute, that will be BETTER than the moronic lane dodging, bumper drafting, cell phone reading, signals and headlights optional, non shoulder checking, squirrel gawking mopes.

      At least a dead in the water googlemobile will be immobile and I can drive around it.

      1. Wzrd1

        Re: This is from people who insist

        Your drive is more pleasant than mine.

        I also get the folks who break for no readily apparent reason. And in the next lane over, Speed Racer.

        Makes me want to borrow a tank from the army for my commute.

        1. sabroni Silver badge
          Meh

          Re: I also get the folks who break for no readily apparent reason

          Well don't drive so close then. The vehicle in front may brake at any time, even if the reason isn't apparent from behind. It's your fault if you hit them whatever the situation, so back the fuck up.

          Do you drive an Audi?

          1. Nelbert Noggins
            FAIL

            Re: I also get the folks who break for no readily apparent reason

            Right, it's not like any cars from say 2009/2010 had an issue with sudden acceleration.... or others randomly applying the electronic handbrake at speed for example... No Audi needed or involved in those 2 incidents.

            What's more worrying is when the manufacturer tried to initially deny, then blamed on foot mats, then mechanical issues before going into out of court settlements when the 'drive-by-wire' system came into question.

            Current cars already have software/mechanical issues the manufacturers dispute exist, you think it's going to get better as the software gets more complicated and they can't blame the driver because the driver had no control?

      2. ST Silver badge

        Re: This is from people who insist

        > No worries about self driving cars. They'll just. Stop.

        What happens if they don't just stop, and accelerate instead? Because the front proximity sensor - aptly named gSensor (BETA) - has crashed after deciding it's all clear ahead.

  11. Crazy Operations Guy Silver badge

    Developers that try to do pre-fetching and the like need to be taken out back and shot. In my experience, anytime a developer tries to make something smarter, it ends up being an idiotic pile of buggy spaghetti code that wastes more time than it saves, not to mention the security holes that get opened up.

    Doing DNS pre-lookups is dangerous in that a spammer could send a URL in an email to determine if an address is valid the second a user opens the message. Normally they'd use 1x1 pixel images, but email programs killed that by no longer loading images. Now there is no way to prevent it.

    1. Ben Tasker Silver badge

      On the upside, the pre-fetching is relatively easy to disable, though the naming is a bit flakey - "Predict network actions to improve performance".

      I'm not sure what benefit it really gives, even on a slow connection I tend to find DNS resolution is often the fastest element of accessing a new site.

      The page pre-loading functionality is potentially fucking scary too (disabled by the same checkbox) - Chrome will try and work out which link on a site you're likely to click on next and then pre-load in the background.

      You can drop meta-tags into a page to tell Chrome what to prefetch (so presumably link rel='dns-prefetch' href='lorem ipsum.......' would also cause a crash) - so can do link rel="prerender" href="myevilpage.htm"

      Google's docs note that pre-rendering is resource heavy, so in theory (at least) you could probably also create a page that just spams the browser with prerender.
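An added example, not part of the thread or any commenter's code: the comments above point out that submitted HTML can carry resource hints (`dns-prefetch`, `prerender`) as well as oversized links, so this Python check audits markup for both before it is rendered. The hint list (which also covers `prefetch` and `preconnect`), the 2048-character limit, the `audit` function and the sample markup are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Assumed policy values (not from the thread): hint types to flag and the
# longest href accepted in user-submitted markup.
HINT_RELS = {"dns-prefetch", "preconnect", "prefetch", "prerender"}
MAX_HREF_LEN = 2048


class LinkAuditor(HTMLParser):
    """Collects findings for resource hints and over-long link targets."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Self-closing tags (<link ... />) also reach this method.
        if tag not in ("a", "link", "area"):
            return
        attr = {name: (value or "") for name, value in attrs}
        href = attr.get("href", "")
        line, _ = self.getpos()
        # rel is a space-separated token list, compared case-insensitively.
        rels = set(attr.get("rel", "").lower().split())
        for rel in sorted(rels & HINT_RELS):
            self.findings.append((line, tag, "resource-hint:" + rel, href[:60]))
        if len(href) > MAX_HREF_LEN:
            # Report only a prefix so the log entry itself stays small.
            self.findings.append(
                (line, tag, "href-too-long:%d" % len(href), href[:60]))


def audit(html_text):
    """Return a list of (line, tag, finding, href prefix) tuples."""
    parser = LinkAuditor()
    parser.feed(html_text)
    parser.close()
    return parser.findings


# Constructed sample input: two hints, one normal link, one oversized link.
SAMPLE = (
    '<head><link rel="DNS-Prefetch" href="//tracker.example">\n'
    '<link rel="prerender" href="next.htm"></head>\n'
    '<body><a href="https://example.com/ok">ok</a>\n'
    '<a href="http://example.com/' + "a" * 3000 + '">long</a></body>'
)

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
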

  12. s. pam
    Mushroom

    Chrome has become a steaming pile of shite

    On iOS you can crash Chrome just going to some pages on the Telegraph and Guardian websites that are normal pages. British Airways website as well can kill Chrome, so it's not just drive-boy's but shitty code from the Chrome developers in general.

    I've been filing bug and crash reports for 14 months and no reply..

  13. Deryk Barker

    Chromium version 41 on linux suffers a "He's Dead Jim" crash but only in the tab involved, the browser as a whole doesn't crash.

  14. vlbrown

    Either the problem is still occurring in Chrome 42 or there's a new one. I've been getting "Aw Snap" for Twitter and Medium for 24 hours now.


Biting the hand that feeds IT © 1998–2019