
Opera Desktop Team

Fun with the fuzzer


Yesterday Mozilla released their jsfunfuzz tool at the Black Hat convention in Las Vegas. The tool is very useful for stress-testing the JavaScript engine and its stability. While running the tool, we found four crashers, one of which might have some security implications.

Here is a build that should address all of the issues: test it, give it a spin with the tool - and please report any crashers you might find with the fuzzer, and most importantly: send us a crashlog along with it!

Have fuzz fun! And many thanks to Mozilla for sharing their tool.

Download:
Windows MSI
Windows Classic
Macintosh
Unix


Comments

YOKEY 3. August 2007, 11:41

:yes:

I have fun! All days with Opera

JK 3. August 2007, 11:50

How to execute the fuzzer?

Øyvind Østlund 3. August 2007, 12:14

*Looks like I have a lot to do this weekend after all* :thumb:

Standing applause to both Opera and Mozilla here :smile:


- ØØ -

Remco Lanting 3. August 2007, 12:20

Originally posted by Jesse Ruderman@bugzilla:

Now runs in the JavaScript shell. If you want to continue running it in the
browser (which seems slower), create a jsparsefuzz.html file containing just:

<script src="jsparsefuzz.js"></script>



Ready to go fuzzer page

Commented out lines 691, 692 and 695 because Opera doesn't have uneval

Eric Blade 3. August 2007, 12:40

What I want is a build that isn't so godawfully slow dealing with Yahoo mail, Gmail, and Slashdot.

Opera is very, very poor at dealing with those sites.

Svoboda 3. August 2007, 13:03

How long do you think the test should be run? One hour? Or longer? I noticed that some person on the Mozilla page runs the test overnight.

lamarca 3. August 2007, 13:05

my browser.js seems to be pretty much empty.

Hans Bendiksen 3. August 2007, 13:21

Bug in 9.23.
Clicking on external links (from e.g. MSN) does not work. An error pops up saying that Opera is already running!

Update:
Works normally again after a system reboot. :smile:

edupav 3. August 2007, 13:27

Thanks, now I tried this new build, I hope to encounter no issues (forgive my very horrible English :jester: )

Andres 3. August 2007, 14:44

9.23, Cool. I don't understand that "jsfunfuzz tool" but I installed the build anyway. I hope 9.23 Final to be ready soon for the public.
Maybe the same jsfunfuzz tool is the reason for the recent Firefox 2.0.0.6 update.

EricJH 3. August 2007, 14:54

Vygantas 3. August 2007, 14:54

OK, QQ:

Is this 9.23 weekly or 9.23 official release?

It's second time...

And what was changed in this version? Changelog? 4 crashed bugs fixed or?

Stifu 3. August 2007, 14:58

andresruiz: no, Firefox 2.0.0.6 was a quick security update (see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.6), while this is about JavaScript performance/stability/stuff.

Luchio 3. August 2007, 15:18

@DjiXas
It's never official till it hits the opera.com/download page.

@Captain Stifu
The fuzz thingy is also used to detect security vulnerabilities (as said in the blog, they found one in Opera using the tool).

Bill P 3. August 2007, 15:19

So other than fuzz, are there any changes in this version?

Stifu 3. August 2007, 15:29

Luchio: right... but it still has nothing to do with the latest Firefox update(s). p: (Which were mostly related to the IE vulnerability issue, even though Firefox was also at fault)

Vygantas 3. August 2007, 15:54

More problems with Yahoo Panama... Switching to Firefox...

mrd 3. August 2007, 16:42

Because Mozilla enjoys a very enthusiastic community of users, it decided to put out tools in the hands of its users that'll help make future releases of Firefox even stronger. After thinking about it, it decided the tools could be used on all browsers, not just its own because many similar vulnerabilities affect other browsers as well. In May, Snyder says Mozilla sent the tools to Microsoft and Opera but did not hear back.



http://www.zdnetasia.com/news/security/0,39044215,62030323,00.htm

What? Opera didn't respond to Mozilla? Tsk tsk! P:

wupperbayer 3. August 2007, 16:48

mrd, Snyder also said a certain IE bug didn't exist in Firefox (which was wrong), so don't count on her...

Arthur Wilkinson 3. August 2007, 16:52

Yea, Opera's JavaScript is a bit faster in this build. Keep up the good work everyone. :wink:

rseiler 3. August 2007, 17:33

Re the Javascript comments, could someone clarify this? Isn't Opera's JS supposed to already be faster than the others? Granted, I've seldom seen a heavy JS page in Opera be anything but slow (I even have to disable JS per-site on the worst of them), but how does that reconcile with the claims of some that it has fast JS (Howtocreate, etc)? And if Opera JS is already fast while Web 2.0 sites are widely considered to be slow in Opera, is a new JS rev really going to make a difference? Maybe Opera's JS is fast in benchmarks but slow in the real world?

WildEnte 3. August 2007, 18:04

you found four crashers, one of which might have security implications with that tool... and on http://www.squarefree.com/2007/08/02/introducing-jsfunfuzz/ they say

"It has found about 280 bugs in Firefox's JavaScript engine, over two-thirds of which have already been fixed (go Brendan!). About two dozen were memory safety bugs that we believe were likely to be exploitable to run arbitrary code."

So why did you find so significantly fewer crashers and security things in Opera with that tool? Do you have your own fuzzers that allowed you to find other bugs? If so, wouldn't it be fair to share that tool with other browser makers? ... Security sure is a selling point for Opera. But I guess it's in everyone's interest that all the browsers are as secure as possible....

Kyle Baker 3. August 2007, 18:19

Time for a little fuzzin'.

Jeff ™ 3. August 2007, 18:27

Cool new build it's fuzzier.

edupav 3. August 2007, 18:29

If Opera discovered a security issue with this tool, an official release is close to being published so the whole community can stay secure, I hope.

Rijk 3. August 2007, 19:10

@WildEnte: good question about the difference in numbers, actually we've no clue. Maybe Opera's JavaScript engine was just a bit more robust for the type of issues the fuzzer tool can find?

I don't know what tools the JavaScript developers are using, but if I am not mistaken we didn't use such JavaScript fuzz tools before May, when Mozilla informed us about their tool.

We do use an HTML fuzzer tool, based on the mangleme code that was made public in October 2004. Mozilla uses such a tool as well, AFAIK.

WildEnte 3. August 2007, 19:22

Rijk: this reminds me of Asa Dotzler's comments (e.g., recently in comments on operawatch) about Opera not disclosing internally found security leaks. Although I disagree with Mr. Dotzler's tone in discussions, I find his point valid. However,

FF: 280 bugs, ~ two dozen security relevant
Opera: 4 bugs, 1 security relevant
one tool

are pretty nice numbers to throw at people. Where's Daniel Goldman when you need him? (c;=

idleskitter 3. August 2007, 19:23

@Rijk
Thank you for your comment & info :up: !

@wildente
Ignore Asa's blub'n'bla, no marketing needed.

spontaneous combustion 3. August 2007, 19:51

Just took a look in my Mac OS X application folder
and found a link to my application folder;
what happened? When I dragged and dropped the Opera icon
from the dmg file the application icon moved, too;
it isn't possible to move only the Opera icon.

Kyle Baker 3. August 2007, 20:21

@cavalez
Just because other browsers don't always show the scroll bar in textareas that does not validate this as a bug. If you'd like to make your wish more effective then you're posting this in the wrong place. Let me redirect you..wish-list forum. Otherwise you are wasting your time posting requests and wishes here. :wink:

Andrew 3. August 2007, 20:34

2cavalez:
>I want right scrollbar in textareas appears only when needed. It looks terrible. For example in this textarea I am writing now.

+1

Martin Rauscher 3. August 2007, 21:07

The textarea on this page is a little too wide...
Quite embarrassing, isn't it? :smile:

Tim Altman 3. August 2007, 21:22

All posts about Kestrel have been deleted. This is a post about 9.23 (Merlin). Please remain on-topic.

Steve Darken 3. August 2007, 21:26

Thanx for this build.

Arthur Wilkinson 3. August 2007, 21:34

Originally posted by WildEnte:

... Where's Daniel Goldman when you need him?



Daniel's gone on vacation for a week. Assuming he's already on the road, it's doubtful that anything will make it on OperaWatch until he returns. :frown:

Guilherme 3. August 2007, 22:25

Is it only with me, or typing "g any_word" in address bar triggers a pricerunner search instead of Google's?

[]s

Renan 3. August 2007, 22:28

I also want to know how to run this fuzzer... Homer: Doh!

Is it only with me, or typing "g any_word" in address bar triggers a pricerunner search instead of Google's?



Works fine here...

illiad 3. August 2007, 22:36

Junyor: good to hear it...
you might as well tell them 2008 though.. :D

rwf 3. August 2007, 22:37

I don't want to sound too stupid, but does anybody have any clear (i.e. simple) instructions on how to 'run' this tool?

I clicked on this link http://download.remcol.ath.cx/jstest.html -- as posted by remcolanting and Opera started downloading a 'bunch' of 'stuff'. Opera was using 95% of my CPU -- I never let the download complete. Was I executing/running the fuzzy?

Thank you.

illiad 3. August 2007, 22:44

oh, and for all those still complaining about 'bugreports and no reply from opera' here is how MS does it..
( from this blog )

XP has a lot less problems but it's been around a lot longer and had more fixes done. It still pops up error reports that it wants me to send back to Microsoft as recently as 3 days ago. However, I'm not on their payroll, so any information I have is treated in the same fashion MS treats it, no replies, few answers and seldom given with any truth.


Andres 3. August 2007, 22:46

@Junyor
Good to delete all posts about Kestrel, I'm tired of reading tons of comments asking for Kestrel release.

__


I don't really know how to test that "jsfunfuzz tool" I am not so techie. So I just report what is working or not...by now, everything that used to work...keeps working. I know this is not so helpful. Maybe my post will be deleted by containing the word Kestrel :D

Renan 3. August 2007, 23:40

Unfortunately I see that this build is still crashing all the time here... Can anyone browse for some time in Mercado Livre without having Opera crashing? :cry:

Remco Lanting 3. August 2007, 23:45

@rwf: The output you see on http://download.remcol.ath.cx/jstest.html is the output of the fuzzer so if you see anything at all, it's running.

If you would like to run it but don't like the high CPU usage you can change the timeout that is used to a higher value. It won't run as often then, saving CPU time.

Save the html file and the js file to the same folder.

setTimeout(testStuffForAWhile, 200);



Change the 200 (milliseconds) to something higher, it's in the js file twice and they're very close together.

Remco Lanting 3. August 2007, 23:49

@superenan: Mercado Livre (proper url) is working just fine here. Try clearing your cache and/or a clean profile.

rseiler 4. August 2007, 00:26

Originally posted by illiad:

oh, and for all those still complaining about 'bugreports and no reply from opera' here is how MS does it.. ( from this blog )


Bzzt, there you go again.

What this user is seeing, as he implies, are automated application error reports, basically crash dumps and other machine information that (with your permission) are sent to MS to be used in aggregate for statistical purposes. They've mentioned many times how the data is used, and it's quite valuable to them, since on a worldwide scale it lets them hone in on the most serious problems.

This is not to be confused with what you're alluding to with Opera, which is writing up a bug report and sending it in. That's something else entirely, and for a non-beta product, you go through MS technical support to do it.

If I find any stories about MS starting a genocide in Africa or being responsible for poisoning any municipal water supplies, I'll be sure to let you know.

Guilherme 4. August 2007, 00:29

Unfortunately I see that this build is still crashing all the time here... Can anyone browse for some time in Mercado Livre without having Opera crashing?



Never had crashes with MercadoLivre (I'm Brazilian and use this site a lot). The only problem I see is that if you click in a product photo, it opens in a new tab (ok so far), but if you close this tab and click the same photo or in any other, nothing happens.

[]s

Guilherme 4. August 2007, 00:38

Looks like my search.ini was "corrupted", but my custom searches were not lost. :frown:

http://img222.imageshack.us/img222/3497/search2ds5.png

http://img222.imageshack.us/img222/2308/search1jf9.png

Where's my backup CD?...

[]s

Arthur Wilkinson 4. August 2007, 01:43

Originally posted by superenan:

... Can anyone browse for some time in Mercado Livre without having Opera crashing?



It appears to be working fine here. I spent several minutes browsing around pages that appeared to be in Spanish (although I have no idea what any of it said), and I didn't have any slow-downs, crashes, or error messages...

Renan 4. August 2007, 03:06

Well, that's too bad, looks like my Opera is the only one that's been crashing since about build 8796... especially in Mercado Livre, but also in other websites.

I already sent them a bug report, but Opera crashes so suddenly that I couldn't give much information... hope they can fix it soon, it's killing me :cry:

Arthur Wilkinson 4. August 2007, 03:18

Originally posted by superenan:

Well, that's too bad, looks like my Opera is the only one that's been crashing since about build 8796...



There could be a fix for the problem. Unfortunately it involves wiping out all of the preferences that you've set in Opera, and reverting to the default setup (see third paragraph if this is a problem). Note that any skins or widgets that you had installed will still be there, you'll just have to reactivate them. The same applies if you've changed your toolbar setup (you'll find it in the Advanced Preferences).

Open up opera:about and look under the 'Paths' section for an entry labeled 'Preferences' (should be the top one). It should tell you the location of a file named 'opera6.ini' (which is Opera's preferences file). You need to close Opera, and then delete that file (do not delete it while Opera is open). When you launch Opera again it will create a new 'opera6.ini' file with the default set of preferences.

If you don't want to actually delete the file 'opera6.ini' then you can just move it somewhere else, or rename it (something such as 'opera6.ini.bak'). This way, if resetting your profile doesn't work, then you can always put the old file back in place, and have all of your old settings back. :wink:

Edit: I made a video that covers the basic steps. You can also download it here (you'll need the XviD codec to view it, or something such as VLC Media Player).
