IE Shines On Broken Code

mschaef writes "While reading Larry Osterman'a blog (He's a long time Microsoftie, having worked on products dating back to DOS 4.0), I ran across this BugTraq entry on web browser security. Basically, the story is that Michael Zalewski started feeding randomly malformed HTML into Microsoft Internet Explorer, Mozilla, Opera, Lynx, and Links and watching what happened. Bottom line: 'All browsers but Microsoft Internet Explorer kept crashing on a regular basis due to NULL pointer references, memory corruption, buffer overflows, sometimes memory exhaustion; taking several minutes on average to encounter a tag they couldn't parse.' If you want to try this at home, he's also provided the tools he used in the BugTraq entry."

Not just IE

[Chanc_Gorkon]

IE isn't the only thing that accepts sloppy code. Currently taking a SQL Server 2000 class and Query Analyzer let's you create queries with out ending semicolons and with out regards to case sensitivity of the field names. I was amazed at the sloppy SQL I could send it.granted, you make a actual mistake in the syntax like a bad select it would not work, but if you jusr had say a capital H instead of a lower case h in a field where the name of the field showed as a lowercase h and it would work. Case sensitivity is there for a reason. I guess it could be the specific collation I set up the server with, but it shoudl have never accepted a select without a semicolon at the end. Plus don't get me started on why it was bad for Microsoft trying to improve SQL by adding their own things to there varient of SQL, T-SQL. Of course, Oracle and others have doen the same thing. It would be so nice for SQL to just work from one server to another.

Re:An important security sidenote

[Bert64]

If you make an ISO image of that CD and try to burn more copies of it, do the new copies work in the same way?

Re:An important security sidenote

[cowens]

Oops, wasn't logged in.