Specially forged Text Pasted into the Address Bar Causes Firefox to Freeze

VERIFIED FIXED in Firefox 64

Status

()

defect
P1
minor
VERIFIED FIXED
9 months ago
7 months ago

People

(Reporter: apxadz4f68q9, Assigned: mak)

Tracking

64 Branch
Firefox 64
Desktop
Windows 10
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox62 wontfix, firefox63 wontfix, firefox64 verified, firefox65 verified)

Details

(Whiteboard: [fxsearch])

Attachments

(2 attachments)

Reporter

Description

9 months ago
Posted file ff_crash.txt
What did you do? (steps to reproduce)
Open Firefox.
Copy the text inside the attached file.
Paste the text to the address bar.

What happened? (actual results)
Firefox freezes and does not respond.

What should have happened? (expected results)
Firefox should not freeze. It should act normally as if any other text was pasted into the address bar.

Tested on my daily used Firefox installation, updated to 62.0.2 (64-bit).
Also tested on a newly installed Firefox Nightly with a new clean profile, updated to version 64.0a1 (2018-09-30) (64-bit).

The attached text is a Base64 Url encoded data of a json I used to verify some unrelated app with.
More specifically, it is more than one base64 text, it has a few of them with a 'period' in between them, with the equal sign at the end of each dropped. The first two are json, the 3rd is some binary data.
I've changed it a bit from the original and made sure it still causes the freeze on Nightly.

I am not certain what is unique about this data, I did try some dumb text (same letter, random letters, etc.) of the same length and it did not make Firefox freeze.

Currently, I do not have the means to test on other platforms.
I would hope that someone could try to reproduce this bug as easily as I could on other setups.
Assignee

Comment 1

9 months ago
I can reproduce this, and looks like the problem is a regex in unifiedcomplete.js: /(.*\..*){3,}/.test(str)
I admit it's not a great regex, we can surely find a better solution here.
Assignee: nobody → mak77
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P1
Whiteboard: [fxsearch]
Assignee

Updated

9 months ago
Summary: Long Base64 Text Pasted into the Address Bar Causes Firefox to Freeze → Specially forget Text Pasted into the Address Bar Causes Firefox to Freeze
Assignee

Updated

9 months ago
Summary: Specially forget Text Pasted into the Address Bar Causes Firefox to Freeze → Specially forged Text Pasted into the Address Bar Causes Firefox to Freeze
Assignee

Updated

9 months ago
Blocks: 1492226

Comment 3

9 months ago
Pushed by mak77@bonardo.net:
https://hg.mozilla.org/integration/autoland/rev/8da12a6048fb
Specially forged Text Pasted into the Address Bar Causes Firefox to Freeze. r=adw

Comment 4

9 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/8da12a6048fb
Status: ASSIGNED → RESOLVED
Closed: 9 months ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 64
Assignee

Comment 5

9 months ago
Comment on attachment 9015942 [details]
Bug 1495327 - Specially forged Text Pasted into the Address Bar Causes Firefox to Freeze.

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: Not a recent bug

User impact if declined: The address bar may be slow when typing/pasting long strings

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: No

Needs manual test from QE?: Yes

If yes, steps to reproduce: The bug contains a test string to use

List of other uplifts needed: none

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Trivial regex change

String changes made/needed: none
Attachment #9015942 - Flags: approval-mozilla-beta?
Comment on attachment 9015942 [details]
Bug 1495327 - Specially forged Text Pasted into the Address Bar Causes Firefox to Freeze.

Although this seems a trivial patch, the previous regex landed in Firefox 52, the fix just landed in nightly and we already shipped our last Desktop beta, it doesn't seem like a good candidate for RC, thanks.
Attachment #9015942 - Flags: approval-mozilla-beta? → approval-mozilla-beta-
I have reproduced this bug with Nightly 64.0a1 (2018-09-30) on Windows 7, 64 Bit!
This bug's fix is verified with latest Nightly!

Build ID 	20181015100128
User Agent 	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
QA Whiteboard: [bugday-20181010]

Comment 8

8 months ago
Verified as fixed on Firefox Nightly 65.0a1 (2018-10-31) and on Firefox 64.0b5 on Windows 10 x 64, Windows 7 x32, Mac OS X 10.14 and on Ubuntu 16.04 x64.
Status: RESOLVED → VERIFIED
Flags: qe-verify+

Updated

7 months ago
Duplicate of this bug: 1504615
You need to log in before you can comment on or make changes to this bug.