Closed
Bug 265583
Opened 20 years ago
Closed 20 years ago
Crash [@nsCSSFrameConstructor::GetFrame]
Categories
(Core :: Layout, defect)
Core
Layout
Tracking
()
VERIFIED
DUPLICATE
of bug 265181
People
(Reporter: mozilla, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [sg:nse])
Crash Data
Attachments
(1 file)
17.68 KB,
text/html
|
Details |
Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8a5) Gecko/20041021 When running the Zalewski cgi test program I discovered a reproducible crash with a garbage HTML file that I will attach shortly. The OS/2 debugger tells me that it is in nsCSSFrameConstructor::GetFrame in the line return frame->GetContentInsertionFrame(); While the crash is not specific to OS/2 or the trunk (I can reproduce it with 1.7.3 on OS/2 and with 1.7.3 on Linux) I didn't create a debug build for Linux yet and I don't have talkback. Perhaps there is security involved...
Reporter | ||
Comment 1•20 years ago
|
||
The garbled HTML as created by the Zalewski test program
Updated•20 years ago
|
Group: security
Comment 2•20 years ago
|
||
Confirmed on Linux with Mozilla 1.7.?
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: crash in nsCSSFrameConstructor::GetFrame → Crash [@nsCSSFrameConstructor::GetFrame]
Updated•20 years ago
|
Whiteboard: [sg:nse]
Comment 3•20 years ago
|
||
confirmed, winxp, firefox 0.10.1
Comment 4•20 years ago
|
||
TB1456593G
Reporter | ||
Comment 6•20 years ago
|
||
Can someone please confirm that the patch to bug 265404 fixed this? Cannot reproduce any more, so from my point of view this can be resolved.
Comment 7•20 years ago
|
||
*** This bug has been marked as a duplicate of 265181 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@nsCSSFrameConstructor::GetFrame]
You need to log in
before you can comment on or make changes to this bug.
Description
•