Closed Bug 147900 Opened 23 years ago Closed 23 years ago

10000 chars entered in URL Bar crashes mozilla and xserver

Categories

(SeaMonkey :: Location Bar, defect)

Product:
SeaMonkey
Component:
Location Bar
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 121885

People

(Reporter: d-n-s, Assigned: hewitt)

Details

(Keywords: crash)

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc3) Gecko/20020523 BuildID: 2002052316 if you type about 10000 signs in the url bar mozilla + xserver crash Reproducible: Always Steps to Reproduce: 1.open mozilla browser 2.type 10000 '.' points in the url bar 3.mozilla + xserver crashes Actual Results: It crashed my system, since that konqueror and kfm needs 10 minutes startup time under KDE 3.0 Expected Results: limit the url bar to rfc max length for http requests redhat linux 7.2 kde 3.0 qt3 bug works under mozilla rc2 and rc3
wfm with Build 2002052809 under Windows XP Pro
WFM 2002052908/trunk/W2K If you are crashing in Mozilla the best thing you can do to help the developers fix your bug is to attach a stacktrace. If you're not building yourself you are not out of luck. Mozilla releases nightly and milestone builds with Netscape's Talkback (you can get latest build on: http://ftp.mozilla.org/pub/mozilla/nightly/latest/) Talkback should catch most crashes and offer to send in a crash report. Developers can retrieve that crash report and attach it to your bug report if you provide either the Incident ID (you can get it by running the talkback program from /components/talkback/). Thanks for your help in testing Mozilla and reporting bugs.
Keywords: crash
Summary: bug crashes mozilla and xserver → 10000 chars entered in URL Bar crashes mozilla and xserver
I am able to reproduce this on Linux (2002052309, i.e. rc3), but don't think it's a Moz bug. Explicitly typing the dots is not necessary; pasting them in works as well. Unfortunately, the Xserver log isn't terribly helpful: --- XFree86 Version 4.1.0 / X Window System (protocol Version 11, revision 0, vendor release 6510) [...] GetModeLine - scrn: 0 clock: 108000 GetModeLine - hdsp: 1152 hbeg: 1216 hend: 1344 httl: 1600 vdsp: 864 vbeg: 865 vend: 868 vttl: 900 flags: 5 Fatal server error: Caught signal 11. Server aborting --- On Windows 2000 and on Linux under VNC, Mozilla will slow to a crawl and eat up memory (on the order of 128M), but I can't get it to crash, leading me to believe that the fault lies in XF86. At any rate, the bug is "critical" in the sense that the Xserver dies, but probably not a showstopper for 1.0.0.
wfm, linux build 20020528. I pasted in 100000+ '.' Mozilla got really slow, but did not crash. It was spending its time in a stack like: nsFontGTKNormal::GetWidth nsRenderingContextGTK::GetWidth BinarySearchForPosition BinarySearchForPosition BinarySearchForPosition BinarySearchForPosition BinarySearchForPosition nsTextFrame::GetPosition nsTextFrame::GetContentAndOffsetsFromPoint I'm running RH73. XFree86 4.2.0-8, gtk+-1.2.10-15
ATTENTION WHEN PRESSING THE LINK INCLUDED IN THIS PAGE MOZILLA CAN HANGUP UNDER REDHAT 7.2 EVEN THE XSERVER AND KERNEL !! USE AT YOUR OWN RISK !! http://64.246.18.91/index.html well this bug crashed my mozilla rc3 + xserver + my redhat 7.2 system hangup ( complet ) .. it seems that applications under KDE 3.0 ( like kwrite ) will crash and hangup the system too if using this technic! evil webmasters can crash whole system with this bug note: the talkback agent will not fit here. Couse when mozilla crashes it takes the x with it.
This all wfm under Solaris, Win 2k, and Linux under VNC, both typing/pasting in excessively long URLs and clicking on an excessively long a href="..." link. When posting data about this crashing your Xserver, it is essential that the version/flavour of X you're running is included. I can repro this only on Linux running XFree86 4.1 (don't have 4.2 yet, but I see a datapoint for wfm under 4.2 here), using the SVGA server. My recommendation: upgrade your X server and see if it still happens. Better yet, recompile it so that you can get a stacktrace (though recompiling X is a hairy deal that I wouldn't want to bother with...).
Marking NEW & Security Sensitive...if you disagree feel free to uncheck it.
Group: security?
Status: UNCONFIRMED → NEW
Ever confirmed: true
CCing mstoltz for comment.
*** This bug has been marked as a duplicate of 121885 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Group: security
Product: Core → SeaMonkey
You need to log in before you can comment on or make changes to this bug.