Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020529 When an HTML or text file is loaded that has the two characters "&#" at its end and the last line is not terminated with a newline character, Mozilla eats all available memory (causing the Linux kernel to kill all user processes). Reproduction: Open a file that contains only the two characters "&#" (hexadecimal 26 23) and no end of line. Observe memory consumption. Actual Result: Memory is consumed at a rate of ca. 50 MB per second with the obvious consequences. I first discovered the bug on the URL http://188.8.131.52/search?q=cache:kSd8B2wq_h0C:www.math.utah.edu:8080/pub/tex/bib/scicomputprogram.html+%22An+exercise+in+the+transformational+derivation%22&hl=en&ie=UTF-8 from where I traced it down to the 2-byte file described above.
I was not able to reproduce the memory consumption with just the two characters ( &# ), however, I did notice it ( mem. consumption ) when I requested the URL.
Stepped into the debugger and noticed a problem in the parser. Thanks, firstname.lastname@example.org, for catching this.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P1
Created attachment 99371 [details] [diff] [review] patch v1.0 This patch fixes an infinite loop that occurs when an entity like syntax appears at the end of an html file. When such a syntax appears, in the final buffer, then instead of trying to consuming it as an entity, and failing repeatedly, it should be consumed as text.
Bug 163988 (crash with HREF="&#...) might be related.
WFM, 2003-06-25-05 trunk Linux. I believe this was fixed by bug 188278.
Marking WFM based on past comments and my own inability to reproduce this.
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.