The browser crashes during the payment process if the " ; " punctuation mark is used in fields

VERIFIED FIXED in Firefox 65

Status

()

P1
critical
VERIFIED FIXED
6 months ago
5 months ago

People

(Reporter: timea.babos, Assigned: edenchuang)

Tracking

({crash})

Trunk
mozilla65
crash
Points:
---

Firefox Tracking Flags

(firefox-esr60 disabled, firefox63 disabled, firefox64 disabled, firefox65 verified)

Details

(Whiteboard: [webpayments-reserve], crash signature)

Attachments

(1 attachment, 2 obsolete attachments)

(Reporter)

Description

6 months ago
[Affected versions]: 
Nightly 64.0a1 (2018-10-08)

[Affected platforms]:
Platforms: Windows 10 x 64, Mac OS 10.13, Ubuntu 16.04.

[Preconditions]:
1. Set the pref dom.payments.request.enabled to "true";
2. Make sure you have at least one Shipping Address and one Credit Card saved in your browser.

[Steps to reproduce]:
1. Go to "https://rsolomakhin.github.io/pr/us/" and click on "Buy"
2. Add or Edit a shipping address
3. Fill in any field with the " ; " punctuation mark 
4. Click on the "Pay" button on the Order Summary screen


[Expected result]:
The payment widget should be closed and the response displayed correctly.

[Actual result]:
The browser crashes. 

[Note]:
Tried out all the other basic punctuation marks and symbols on the keyboard, so far only " ; " seems to crash the browser. 

The crash can NOT be reproduced on Windows 7 x64.
Flags: qe-verify+
Duplicate of this bug: 1497222
Great find! I think this is due to the IPC serialization using semicolons (IIRC).
Severity: normal → critical
status-firefox64: affected → ---
Component: WebPayments UI → DOM: Web Payments
Priority: -- → P2
Product: Firefox → Core
Whiteboard: [webpayments] [triage] → [webpayments]
(Assignee)

Updated

6 months ago
Assignee: nobody → echuang
Status: NEW → ASSIGNED
Priority: P2 → P1
Whiteboard: [webpayments] → [webpayments-reserve]
(Assignee)

Comment 3

5 months ago
I post the patch on the wrong bug and get the r+ 

https://bugzilla.mozilla.org/show_bug.cgi?id=1497219#c4
Attachment #9018983 - Flags: review+
(Assignee)

Updated

5 months ago
Keywords: checkin-needed

Comment 4

5 months ago
Pushed by ebalazs@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/fa6b7a70f2db
Refactor the IPC structure for PaymentResponse.details r=baku
Keywords: checkin-needed
(Assignee)

Updated

5 months ago
Keywords: checkin-needed

Comment 8

5 months ago
Pushed by ebalazs@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/8238a4eeda86
Refactor the IPC structure for PaymentResponse.details r=baku
Keywords: checkin-needed

Comment 9

5 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/8238a4eeda86
Status: ASSIGNED → RESOLVED
Last Resolved: 5 months ago
status-firefox65: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
Status: REOPENED → ASSIGNED
(Assignee)

Comment 11

5 months ago
Fix the memory leak.
Attachment #9019310 - Attachment is obsolete: true
Flags: needinfo?(echuang)
Attachment #9020771 - Flags: review+
Pulsebot is down atm.

Land: https://hg.mozilla.org/integration/mozilla-inbound/rev/4b9fa41aa4ecbf8079011d1906f4287493434d70

Removing checkin-needed.
Keywords: checkin-needed

Comment 14

5 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/4b9fa41aa4ec
Status: ASSIGNED → RESOLVED
Last Resolved: 5 months ago5 months ago
status-firefox65: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65

Comment 15

5 months ago
Verified as fixed on Firefox Nightly 65.0a1 (2018-10-29) on Windows 10 x 64, Windows 7 x32, Mac OS X 10.14 and on Ubuntu 16.04 x64.
Status: RESOLVED → VERIFIED
status-firefox65: fixed → verified
Flags: qe-verify+
(Assignee)

Updated

5 months ago
Duplicate of this bug: 1499954
AFAIK, this doesn't need backporting since WebPayments are still Nightly-only, but feel free to nominate for Beta uplift if I'm mistaken.
status-firefox63: --- → disabled
status-firefox64: --- → disabled
status-firefox-esr60: --- → disabled
You need to log in before you can comment on or make changes to this bug.