Closed
Bug 265583
Opened 21 years ago
Closed 21 years ago
Crash [@nsCSSFrameConstructor::GetFrame]
Categories
(Core :: Layout, defect)
Core
Layout
Tracking
()
VERIFIED
DUPLICATE
of bug 265181
People
(Reporter: mozilla, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [sg:nse])
Crash Data
Attachments
(1 file)
|
17.68 KB,
text/html
|
Details |
Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8a5) Gecko/20041021
When running the Zalewski cgi test program I discovered a reproducible crash
with a garbage HTML file that I will attach shortly. The OS/2 debugger tells me
that it is in nsCSSFrameConstructor::GetFrame in the line
return frame->GetContentInsertionFrame();
While the crash is not specific to OS/2 or the trunk (I can reproduce it with
1.7.3 on OS/2 and with 1.7.3 on Linux) I didn't create a debug build for Linux
yet and I don't have talkback.
Perhaps there is security involved...
|
Reporter | |
Comment 1•21 years ago
|
||
The garbled HTML as created by the Zalewski test program
|
||
Updated•21 years ago
|
Group: security
|
|
||
Comment 2•21 years ago
|
||
Confirmed on Linux with Mozilla 1.7.?
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: crash in nsCSSFrameConstructor::GetFrame → Crash [@nsCSSFrameConstructor::GetFrame]
|
|
||
Updated•21 years ago
|
Whiteboard: [sg:nse]
|
||
Comment 3•21 years ago
|
||
confirmed, winxp, firefox 0.10.1
|
||
Comment 4•21 years ago
|
||
TB1456593G
|
|
Reporter | |
Comment 6•21 years ago
|
||
Can someone please confirm that the patch to bug 265404 fixed this? Cannot
reproduce any more, so from my point of view this can be resolved.
|
||
Comment 7•21 years ago
|
||
*** This bug has been marked as a duplicate of 265181 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
|
Assignee | |
Updated•14 years ago
|
Crash Signature: [@nsCSSFrameConstructor::GetFrame]
You need to log in
before you can comment on or make changes to this bug.
Description
•