Closed
Bug 1316697
Opened 8 years ago
Closed 7 years ago
crash at [@nsStandardURL::SegmentIs] with dom.url.encode_decode_hash=false
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
DUPLICATE
of bug 1342438
| Tracking | Status | |
|---|---|---|
| firefox52 | --- | affected |
People
(Reporter: truber, Assigned: valentin)
Details
(4 keywords, Whiteboard: [necko-active])
Attachments
(1 file)
|
240 bytes,
text/html
|
Details |
The attached testcase crashes m-c d38d06f85ef5 with:
user_pref("dom.url.encode_decode_hash", false);
==25200==ERROR: AddressSanitizer: SEGV on unknown address 0x60d100315b77 (pc 0x000000427fe0 bp 0x7ffefbd18090 sp 0x7ffefbd17810 T0)
#0 0x427fdf in __interceptor_strncmp /builds/slave/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:248:17
#1 0x7f80693c4e27 in SegmentIs src/netwerk/base/nsStandardURL.cpp:958:17
#2 0x7f80693c4e27 in mozilla::net::nsStandardURL::EqualsInternal(nsIURI*, mozilla::net::nsStandardURL::RefHandlingEnum, bool*) src/netwerk/base/nsStandardURL.cpp:2144
#3 0x7f8071421e93 in KeyEquals src/obj-firefox/dist/include/nsURIHashKey.h:36:13
#4 0x7f8071421e93 in nsTHashtable<mozilla::places::History::KeyClass>::s_MatchEntry(PLDHashEntryHdr const*, void const*) src/obj-firefox/dist/include/nsTHashtable.h:383
#5 0x7f80691af031 in PLDHashEntryHdr* PLDHashTable::SearchTable<(PLDHashTable::SearchReason)1>(void const*, unsigned int) src/xpcom/glue/PLDHashTable.cpp:355:7
#6 0x7f80691aece0 in PLDHashTable::Add(void const*, mozilla::fallible_t const&) src/xpcom/glue/PLDHashTable.cpp:571:28
#7 0x7f80691af27e in PLDHashTable::Add(void const*) src/xpcom/glue/PLDHashTable.cpp:591:28
#8 0x7f8071312c9b in PutEntry src/obj-firefox/dist/include/nsTHashtable.h:155:36
#9 0x7f8071312c9b in mozilla::places::History::RegisterVisitedCallback(nsIURI*, mozilla::dom::Link*) src/toolkit/components/places/History.cpp:2488
#10 0x7f806bc25b7b in mozilla::dom::Link::LinkState() const src/dom/base/Link.cpp:187:21
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → valentin.gosu
Whiteboard: [necko-active]
|
Reporter | |
Updated•7 years ago
|
Group: core-security
|
|
Reporter | |
Updated•7 years ago
|
Severity: normal → critical
Keywords: csectype-wildptr
|
||
Updated•7 years ago
|
Group: core-security → network-core-security
|
||
Comment 1•7 years ago
|
||
Critsmash triage: can we get an update on this bug? It has been sitting in the queue since November.
Flags: needinfo?(valentin.gosu)
Keywords: sec-high
|
|
Assignee | |
Comment 2•7 years ago
|
||
I didn't get to it mainly because that pref was added in case we encountered any web-compat issues. I'm inclined to remove the pref completely - I'll probably do it in bug 1342438 which is mostly the same as this one, but public.
Flags: needinfo?(valentin.gosu)
|
|
Assignee | |
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
|
|
||
Updated•4 years ago
|
Group: network-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•