Closed
Bug 172339
Opened 22 years ago
Closed 22 years ago
Incorrect domain name under SSL crashes browser [@ js_GetSlotThreadSafe][@ 0x00090005]
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(Not tracked)
VERIFIED
WORKSFORME
People
(Reporter: nick, Assigned: ssaux)
References
()
Details
(Keywords: crash)
Crash Data
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021001 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021001 Visiting a site under SSL using a domain name that is not on the cert (eg an IP address) crashes mozilla. For example: https://uk1.games-workshop.com & https://195.33.99.36 both crash the browser https://uk.games-workshop.com does not. Reproducible: Always Steps to Reproduce: 1. https://195.33.99.36 Actual Results: Crash Expected Results: Show a warning that the domain name was not the same as on the certificate, but was otherwise valid.
Sorry, Talkback ID 11974351W
Summary: Incorrect domain name under SSL crashes browser → Incorrect domain name under SSL crashes browser
I believe this goes to DOM events. Correct me if I'm wrong. Product ID MozillaTrunk Build ID 2002100108 Operating System Windows NT 5.0 build 2195 URL visited going to an ssl site User Comments going to an ssl site with an invalid certificate Stack Trace 0x00090005 js_GetSlotThreadSafe [c:/builds/seamonkey/mozilla/js/src/jslock.c, line 563] JS_GetPrivate [c:/builds/seamonkey/mozilla/js/src/jsapi.c, line 1928] nsScriptSecurityManager::GetFunctionObjectPrincipal [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1786] nsScriptSecurityManager::GetFramePrincipal [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1820] nsScriptSecurityManager::GetPrincipalAndFrame [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1833] nsScriptSecurityManager::GetSubjectPrincipal [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1873] nsScriptSecurityManager::GetSubjectPrincipal [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1607] nsScriptSecurityManager::SubjectPrincipalIsSystem [c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1635] GlobalWindowImpl::CheckSecurityIsChromeCaller [c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2110] GlobalWindowImpl::IsCallerChrome [c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2124] GlobalWindowImpl::Focus [c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2376] nsWebShellWindow::HandleEvent [c:/builds/seamonkey/mozilla/xpfe/appshell/src/nsWebShellWindow.cpp, line 612] nsWindow::DispatchEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1067] nsWindow::DispatchWindowEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1084] nsWindow::DispatchFocus [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 5445] nsWindow::ProcessMessage [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 4119] nsWindow::WindowProc [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1333] USER32.DLL + 0x2e98 (0x77e12e98) USER32.DLL + 0x39a3 (0x77e139a3) USER32.DLL + 0x395f (0x77e1395f) ntdll.dll + 0x2032f (0x77fa032f) USER32.DLL + 0x569d (0x77e1569d) PeekKeyAndIMEMessage [c:/builds/seamonkey/mozilla/widget/src/windows/nsAppShell.cpp, line 103] nsAppShell::Run [c:/builds/seamonkey/mozilla/widget/src/windows/nsAppShell.cpp, line 169] nsAppShellService::Run [c:/builds/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 472] main1 [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1538] main [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1886] WinMain [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1906] WinMainCRTStartup() KERNEL32.DLL + 0x17d08 (0x77e97d08)
Status: UNCONFIRMED → NEW
Component: Browser-General → DOM Events
Ever confirmed: true
Keywords: crash
Summary: Incorrect domain name under SSL crashes browser → Incorrect domain name under SSL crashes browser [@ js_GetSlotThreadSafe][@ 0x00090005]
|
||
Comment 3•22 years ago
|
||
WFM, Linux cvs trunk.
|
||
Comment 4•22 years ago
|
||
This would be security manager, actually. Or JS engine at next shot.
Assignee: asa → mstoltz
Component: DOM Events → Security: CAPS
QA Contact: asa → bsharma
|
||
Comment 5•22 years ago
|
||
Let's start with PSM.
Assignee: mstoltz → ssaux
Component: Security: CAPS → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4
|
||
Comment 6•22 years ago
|
||
Both the mentioned sites works for me. Reporter, can you try a new nightly build, installed into a clean directory?
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → WORKSFORME
|
||
Updated•13 years ago
|
Crash Signature: [@ js_GetSlotThreadSafe]
[@ 0x00090005]
|
|
||
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•