Closed Bug 1605108 Opened 4 years ago Closed 4 years ago

Denial of Service through address bar autocomplete

Categories

(Firefox :: Address Bar, defect, P2)

Product:
Firefox
Component:
Address Bar
Version:
71 Branch
Type:
defect
Points:
1

Tracking

()

Status:
VERIFIED FIXED
Iteration:
74.1 - Jan 6 - Jan 19
Tracking Flags:
Tracking Status
firefox73 --- wontfix
firefox74 --- verified

People

(Reporter: alexgnimelf, Assigned: adw)

References

Details

(Whiteboard: [fixed by bug 1603316])

Attachments

(1 file)

firefox.png
9.12 KB, image/png
Details
Attached image firefox.png

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0

Steps to reproduce:

  1. Create new firefox profile on the Win 10 (or use already existed).
  2. Copy a paste string to the the Address bar (without quotes)
    "firefox...................................................................................................."

It looks like that problem in the improper parsing of url when domain expected.

Best regards,
Evgeny

Actual results:

The borwser will not response.

Expected results:

Nothing should have happened. I tested this issue in Win 7 and Linux 64-bit version. These systems not affected.

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → Address Bar

The priority flag is not set for this bug.
:adw, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(adw)
Priority: -- → P3

Reproduces on Nightly. Possibly related to bug 1603316, bug 1587867.

Status: UNCONFIRMED → NEW
Points: --- → 3
status-firefox74: --- → affected
Ever confirmed: true
Flags: needinfo?(adw)
Priority: P3 → P2
See Also: → 1603316, 1587867

(In reply to Evgeny Larin from comment #0)

Steps to reproduce:

  1. Create new firefox profile on the Win 10 (or use already existed).
    ...
    I tested this issue in Win 7 and Linux 64-bit version. These systems not affected.

That's strange, I wouldn't expect this to depend on your OS. I can reproduce it on macOS.

This is fixed by the patch in bug 1603316.

Assignee: nobody → adw
Status: NEW → ASSIGNED
Iteration: --- → 74.1 - Jan 6 - Jan 19
Points: 3 → 1
Depends on: 1603316
Whiteboard: [fixed by bug 1603316]
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox73: --- → wontfix
status-firefox74: affectedfixed
Resolution: --- → FIXED
Flags: qe-verify+

Reproduced the issue using Firefox 73.0a1 (20191219215202) on Windows 10x66 and STR from comment 0. Firefox not responding after pasting the string.
The issue is verified fixed with Firefox 74.0b4 (20200216164042) on Windows 10x64, macOS 10.15 and Ubuntu 16.04.

Status: RESOLVED → VERIFIED
status-firefox74: fixedverified
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: