Closed
Bug 168960
Opened 22 years ago
Closed 20 years ago
viewing files terminated with "&#" and no end of line character causes severe memory leak
Categories
(Core :: DOM: HTML Parser, defect, P3)
Tracking
()
RESOLVED
WORKSFORME
mozilla1.4alpha
People
(Reporter: gwn, Assigned: harishd)
References
()
Details
(Keywords: testcase, Whiteboard: [fix in hand])
Attachments
(2 files)
2 bytes,
text/html
|
Details | |
1.70 KB,
patch
|
Details | Diff | Splinter Review |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020529
When an HTML or text file is loaded that has the two characters "&#" at its end
and the last line is not terminated with a newline character, Mozilla eats all
available memory (causing the Linux kernel to kill all user processes).
Reproduction:
Open a file that contains only the two characters "&#" (hexadecimal 26 23) and
no end of line. Observe memory consumption.
Actual Result:
Memory is consumed at a rate of ca. 50 MB per second with the obvious
consequences.
I first discovered the bug on the URL
http://216.239.37.100/search?q=cache:kSd8B2wq_h0C:www.math.utah.edu:8080/pub/tex/bib/scicomputprogram.html+%22An+exercise+in+the+transformational+derivation%22&hl=en&ie=UTF-8
from where I traced it down to the 2-byte file described above.
I was not able to reproduce the memory consumption with just the two characters
( &# ), however, I did notice it ( mem. consumption ) when I requested the URL.
Stepped into the debugger and noticed a problem in the parser. Thanks,
gwn@gmx.de, for catching this.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P1
This patch fixes an infinite loop that occurs when an entity like syntax
appears at the end of an html file. When such a syntax appears, in the final
buffer, then instead of trying to consuming it as an entity, and failing
repeatedly, it should be consumed as text.
Bug 163988 (crash with HREF="&#...) might be related.
Comment 6•22 years ago
|
||
WFM, 2003-06-25-05 trunk Linux. I believe this was fixed by bug 188278.
Comment 7•20 years ago
|
||
Marking WFM based on past comments and my own inability to reproduce this.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•