Closed
Bug 111098
Opened 24 years ago
Closed 21 years ago
Crash when viewing a page on warp [@ nsScriptSecurityManager::GetObjectPrincipal]
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: mscott, Assigned: security-bugs)
References
()
Details
(Keywords: crash)
Crash Data
Using Win2k 2001112003.
The above url crashes mozilla consistently for me with the following stack trace:
nsCOMPtr_base::assign_from_helper
[d:\builds\seamonkey\mozilla\xpcom\glue\nsCOMPtr.cpp, line 81]
nsScriptSecurityManager::GetObjectPrincipal
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 1447]
nsScriptSecurityManager::GetFunctionObjectPrincipal
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 1358]
nsScriptSecurityManager::GetFramePrincipal
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 1376]
nsScriptSecurityManager::GetPrincipalAndFrame
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 1389]
nsScriptSecurityManager::GetSubjectPrincipal
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 1429]
nsScriptSecurityManager::CheckPropertyAccessImpl
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 366]
nsScriptSecurityManager::CheckPropertyAccess
[d:\builds\seamonkey\mozilla\caps\src\nsScriptSecurityManager.cpp, line 199]
nsWindowSH::doCheckReadAccess
[d:\builds\seamonkey\mozilla\dom\src\base\nsDOMClassInfo.cpp, line 2352]
nsWindowSH::GetProperty
[d:\builds\seamonkey\mozilla\dom\src\base\nsDOMClassInfo.cpp, line 2401]
XPC_WN_Helper_GetProperty
[d:\builds\seamonkey\mozilla\js\src\xpconnect\src\xpcwrappednativejsops.cpp,
line 785]
js_GetProperty [d:\builds\seamonkey\mozilla\js\src\jsobj.c, line 2448]
I don't see the crash, nor any asserts (win2k).
|
Assignee | |
Comment 3•23 years ago
|
||
WFM in 0.9.8; I'll test the trunk. Scott, is 2001112003 a milestone release, or
a commercial release? Have you tried the current trunk?
Status: NEW → ASSIGNED
nsbeta1-
Before you renominate, please query bugs marked nsbeta1+ keyword with [ADT# RTM]
in status whiteboard (where # is a number between 1 and 3) and make sure that
this bug is at least as important as those.
|
||
Comment 5•23 years ago
|
||
By the definitions on <http://bugzilla.mozilla.org/bug_status.html#severity> and
<http://bugzilla.mozilla.org/enter_bug.cgi?format=guided>, crashing and dataloss
bugs are of critical or possibly higher severity. Only changing open bugs to
minimize unnecessary spam. Keywords to trigger this would be crash, topcrash,
topcrash+, zt4newcrash, dataloss.
Severity: normal → critical
|
|
||
Comment 6•21 years ago
|
||
WFM.
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7b) Gecko/20040330
Microsoft Windows 2000 Pro 5.00.2195 SP4
|
||
Comment 7•21 years ago
|
||
We no longer have a testcase for this bug so no way to see if it's still valid.
I've looked through bugzilla and talkback and don't see any stack traces that
look like this one. It looks like GetObjectPrincipal has changed somewhat since
this bug was reported Is there any value in keeping this report open?
|
||
Comment 8•21 years ago
|
||
This was noted WFM at the time of comment 2 and comment 3 when they did have
access to that URL, this bug is not adding value to the system.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → WORKSFORME
|
||
Updated•14 years ago
|
Crash Signature: [@ nsScriptSecurityManager::GetObjectPrincipal]
You need to log in
before you can comment on or make changes to this bug.
Description
•