Closed
Bug 1153568
Opened 10 years ago
Closed 10 years ago
A query makes firefox and iceweasel irresponsive
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: vishnu.raju, Unassigned)
Details
Attachments
(1 file)
2.63 MB,
video/mp4
|
Details |
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.6.0
Build ID: 20150401055833
Steps to reproduce:
1) Fed a 230 chatacter lenghthy string into google search engine.
2) When searched the tab freeezes.
3) I checked to find whether its a bug on google side.
4) I proxied my queries over BURP and found that google server responds with a '400 BAD REQUEST' error
5) I cross checked the bug by forwarding the google server's '400 error' response to the browser. But no response was found on it.
Actual results:
The tab I searched freezed and gave no response when the google search for the below payload was made
/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A
Expected results:
Unkown
Reporter | ||
Updated•10 years ago
|
Summary: A query makes firefor irresponsive → A query makes firefox irresponsive
Reporter | ||
Updated•10 years ago
|
OS: Linux → Windows 7
Summary: A query makes firefox irresponsive → A query makes firefox and iceweasel irresponsive
Comment 1•10 years ago
|
||
> 1) Fed a 230 chatacter lenghthy string into google search engine.
How exactly? There are many ways to access "google search engine". Please provide exact steps.
Also, does the problem still happen if you start Firefox in Safe Mode? (Safe Mode disables extensions and themes, hardware acceleration and some JavaScript stuff in order to exclude some possible reasons for problems. It does not disable plugins which are add-ons.) See http://support.mozilla.com/en-US/kb/Safe+Mode
And does this also happen with a new and empty profile? See http://support.mozilla.com/en-US/kb/Basic%20Troubleshooting#w_8-make-a-new-profile and http://support.mozilla.org/kb/Managing%20profiles
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 2•10 years ago
|
||
Hi Andre,
This might be a UI bug.
Reproduction:
1) The below pated payload is searched through google home page.
2) It also works through a new tab where the default search engine is google.
3) Checked the response from google search engine, its 404 ..
4) But mozilla doesnt show that 404 error
the payload is 230 "/A"
ie. /A * 230
Flags: needinfo?(vishnu.raju)
Comment 3•10 years ago
|
||
Please see my questions in comment 1 (plus no idea what a "pated payload" is).
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 4•10 years ago
|
||
Hi Andre..
I am so sorry that was a typo.. I actually meant pasted.. I have tried in the safe mode too.. The bug seems to be there...
Flags: needinfo?(vishnu.raju)
Comment 5•10 years ago
|
||
Does this also happen with a new and empty profile?
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 6•10 years ago
|
||
I a feeling hard to explain this now so I need to give you a video demonstrating this...
How I tested the bug (may be) in a new profile with firefox's safe mode
1) I reseted firefox and opened it in safe mode.
2) The first search was made on the tab (Google is configured as the default search engine) (length 550)
3) The second search was made with the payload of the same length (550)
Result:
1) The search in the "fresh new tab" gave the correct result ==> a 404 error
2) The second search conducted through the google's search engine (google home page) froze.
I can give you a video clip for better clarity
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 7•10 years ago
|
||
As a conclusion, the search seems to freeze when searched through the google's home page.. Search through a tab is working fine..
Payload tested ==>
/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A/A
Reporter | ||
Comment 8•10 years ago
|
||
If there is any other info that I can provide you with, please let me know...
Comment 10•10 years ago
|
||
I am and your question in comment 8 is publicly available for anybody who might know.
Updated•10 years ago
|
Flags: needinfo?(a9016009)
Reporter | ||
Comment 11•10 years ago
|
||
So is there anything that you can do regarding this..
Reporter | ||
Comment 12•10 years ago
|
||
Can I know whether this can be regarded as a bug. I still cant understand why the response is not shown on the browser.
Reporter | ||
Updated•10 years ago
|
Group: core-security
Updated•10 years ago
|
Group: core-security
Comment 13•10 years ago
|
||
I can't reproduce this issue at all. I just get a google search results page with results like "the AA", which is the automobile association in the UK, where I live.
Please provide a video of what you mean, showing both types of searches.
Also, please clarify if you're using BURP all the time. The order of your description, and your further comments, suggest that you do not, but perhaps that's the difference?
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 14•10 years ago
|
||
This Video demonstrates the bug that is found in the safe mode. Also tried with resetting the browser. Payload is /A/A......
Flags: needinfo?(vishnu.raju)
Reporter | ||
Comment 15•10 years ago
|
||
Hi Gijs,
The AA payload seems to make no bugs, but /A * 550 can help you to reproduce the bug.. I have attached a video demonstrating the same. I have not used burp in the video. I have used burp for finding out the google server is giving any response. I found that google is giving a 413 error which is not shown in the browser.
Thanks
Comment 16•10 years ago
|
||
This works for me - I get a 400 error when searching from the Google homepage as well, and it shows just fine. If anything, this is a bug in Google. Consider reporting it to them.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 17•10 years ago
|
||
Thanks Gijs,
When I tried the same now, it seems to be fixed. I have reported same to google a month back and have refused to handle the bug. And now it seems to be fixed... :-o)
You need to log in
before you can comment on or make changes to this bug.
Description
•