Incorrect domain name under SSL crashes browser [@ js_GetSlotThreadSafe][@ 0x00090005]

VERIFIED WORKSFORME

Status

Core Graveyard
Security: UI
--
critical
VERIFIED WORKSFORME
16 years ago
2 years ago

People

(Reporter: Nick Lott, Assigned: Stephane Saux)

Tracking

({crash})

1.0 Branch
x86
Windows 2000
crash

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

(Reporter)

Description

16 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021001
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021001

Visiting a site under SSL using a domain name that is not on the cert (eg an IP
address) crashes mozilla. For example:

https://uk1.games-workshop.com & https://195.33.99.36 both crash the browser 

https://uk.games-workshop.com does not. 

Reproducible: Always

Steps to Reproduce:
1. https://195.33.99.36

Actual Results:  
Crash

Expected Results:  
Show a warning that the domain name was not the same as on the certificate, but
was otherwise valid.
(Reporter)

Comment 1

16 years ago
Sorry, Talkback ID 11974351W
Summary: Incorrect domain name under SSL crashes browser → Incorrect domain name under SSL crashes browser

Comment 2

16 years ago
I believe this goes to DOM events. Correct me if I'm wrong.

Product ID  MozillaTrunk
Build ID 2002100108
Operating System Windows NT 5.0 build 2195
URL visited going to an ssl site
User Comments going to an ssl site with an invalid certificate

Stack Trace
0x00090005
js_GetSlotThreadSafe [c:/builds/seamonkey/mozilla/js/src/jslock.c, line 563]
JS_GetPrivate [c:/builds/seamonkey/mozilla/js/src/jsapi.c, line 1928]
nsScriptSecurityManager::GetFunctionObjectPrincipal
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1786]
nsScriptSecurityManager::GetFramePrincipal
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1820]
nsScriptSecurityManager::GetPrincipalAndFrame
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1833]
nsScriptSecurityManager::GetSubjectPrincipal
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1873]
nsScriptSecurityManager::GetSubjectPrincipal
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1607]
nsScriptSecurityManager::SubjectPrincipalIsSystem
[c:/builds/seamonkey/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1635]
GlobalWindowImpl::CheckSecurityIsChromeCaller
[c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2110]
GlobalWindowImpl::IsCallerChrome
[c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2124]
GlobalWindowImpl::Focus
[c:/builds/seamonkey/mozilla/dom/src/base/nsGlobalWindow.cpp, line 2376]
nsWebShellWindow::HandleEvent
[c:/builds/seamonkey/mozilla/xpfe/appshell/src/nsWebShellWindow.cpp, line 612]
nsWindow::DispatchEvent
[c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1067]
nsWindow::DispatchWindowEvent
[c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1084]
nsWindow::DispatchFocus
[c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 5445]
nsWindow::ProcessMessage
[c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 4119]
nsWindow::WindowProc
[c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1333]
USER32.DLL + 0x2e98 (0x77e12e98)
USER32.DLL + 0x39a3 (0x77e139a3)
USER32.DLL + 0x395f (0x77e1395f)
ntdll.dll + 0x2032f (0x77fa032f)
USER32.DLL + 0x569d (0x77e1569d)
PeekKeyAndIMEMessage
[c:/builds/seamonkey/mozilla/widget/src/windows/nsAppShell.cpp, line 103]
nsAppShell::Run [c:/builds/seamonkey/mozilla/widget/src/windows/nsAppShell.cpp,
line 169]
nsAppShellService::Run
[c:/builds/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 472]
main1 [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1538]
main [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1886]
WinMain [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1906]
WinMainCRTStartup()
KERNEL32.DLL + 0x17d08 (0x77e97d08)
Status: UNCONFIRMED → NEW
Component: Browser-General → DOM Events
Ever confirmed: true
Keywords: crash
Summary: Incorrect domain name under SSL crashes browser → Incorrect domain name under SSL crashes browser [@ js_GetSlotThreadSafe][@ 0x00090005]

Comment 3

16 years ago
WFM, Linux cvs trunk.
This would be security manager, actually.  Or JS engine at next shot.
Assignee: asa → mstoltz
Component: DOM Events → Security: CAPS
QA Contact: asa → bsharma
Let's start with PSM.
Assignee: mstoltz → ssaux
Component: Security: CAPS → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4

Comment 6

16 years ago
Both the mentioned sites works for me. Reporter, can you try a new nightly
build, installed into a clean directory?
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → WORKSFORME

Comment 7

16 years ago
Verified WFM.
Status: RESOLVED → VERIFIED

Updated

14 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.4 → 1.0 Branch
Crash Signature: [@ js_GetSlotThreadSafe] [@ 0x00090005]
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.