Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8a5) Gecko/20041021 When running the Zalewski cgi test program I discovered a reproducible crash with a garbage HTML file that I will attach shortly. The OS/2 debugger tells me that it is in nsCSSFrameConstructor::GetFrame in the line return frame->GetContentInsertionFrame(); While the crash is not specific to OS/2 or the trunk (I can reproduce it with 1.7.3 on OS/2 and with 1.7.3 on Linux) I didn't create a debug build for Linux yet and I don't have talkback. Perhaps there is security involved...
The garbled HTML as created by the Zalewski test program
Confirmed on Linux with Mozilla 1.7.?
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: crash in nsCSSFrameConstructor::GetFrame → Crash [@nsCSSFrameConstructor::GetFrame]
confirmed, winxp, firefox 0.10.1
Can someone please confirm that the patch to bug 265404 fixed this? Cannot reproduce any more, so from my point of view this can be resolved.
*** This bug has been marked as a duplicate of 265181 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
No longer depends on: 265181
Crash Signature: [@nsCSSFrameConstructor::GetFrame]
You need to log in before you can comment on or make changes to this bug.