Illegal char in JS console causes freeze

RESOLVED FIXED

Status

()

Core
Layout: Text
RESOLVED FIXED
17 years ago
10 years ago

People

(Reporter: Mitchell Stoltz (not reading bugmail), Assigned: smontagu)

Tracking

Trunk
x86
Windows 2000
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

There is denial of service attack on the javascript console which leads to
freezing mozilla both on windows and linux.
The problem is inserting special characters in the js console.
As far as I could debug it seems a GTK problem on linux resulting from the
fact that some kind of bitmap cannot be found.

The following html demonstrates the problem:
-------------------------------------------
<html>
georgi
<script>
location="javascript:";
a=";"+String.fromCharCode(1457)+"alert(window)";
eval(a);
</script>
</html>
-------------------------------------------

Georgi Guninski

Comment 1

17 years ago
Created attachment 67840 [details]
stack trace on win32; we never exit from nsBidiPresUtils::RenderText

Comment 2

17 years ago
I seem to be hung the same way, although I note that the infinite loop is
in nsBidiPresUtils::RenderText. Simon?
Assignee: hewitt → smontagu
Component: JavaScript Console → BiDi Hebrew & Arabic

Updated

17 years ago
QA Contact: jrgm → zach

Comment 4

17 years ago
Comment on attachment 68001 [details] [diff] [review]
Fix

r=mkaply
Attachment #68001 - Flags: review+

Comment 5

17 years ago
sr=attinasi
(Assignee)

Comment 6

17 years ago
Fix checked in.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED

Updated

10 years ago
Component: Layout: BiDi Hebrew & Arabic → Layout: Text
QA Contact: zach → layout.fonts-and-text
You need to log in before you can comment on or make changes to this bug.