User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98) Build Identifier: Mozilla/5.0 The problem is that, when FireFox uses password protected proxy, it crashes calling SECUR32.InitializeSecurityContextA function. Actually crashes secur32.dll, because of bad argumets passed from Firefox. The call is at address: 8916d1h in Firefox.exe The cause of the crash is the 12th argument of the function - pointer to TimeStamp structure. Microsoft states that this argument can be NULL, but Win98 version of secur32.dll crashes when this argument is NULL (maybe only in combination with some of the other arguments)... Visibly this bug is fixed in Win2000/XP versions of the .dll, because there Firefox works just fine. This crash is not observed in earlier versions of Firefox - 0.9 for example. Reproducible: Always Steps to Reproduce: 1. Set proxy to some MS ISA server with password authentification 2. Try to open any web page Actual Results: FIREFOX caused an invalid page fault in module SECUR32.DLL at 016f:7f8737da. Registers: EAX=76fdcee0 CS=016f EIP=7f8737da EFLGS=00010202 EBX=00000000 SS=0177 ESP=00d1f5bc EBP=00d1f640 ECX=00000000 DS=0177 ESI=00090312 FS=12e7 EDX=01c60159 ES=0177 EDI=023ce7a0 GS=2f26 Bytes at CS:EIP: 89 01 8b 45 fc 89 51 04 c7 40 20 01 00 00 00 83 Stack dump: 023ceeb0 023ceea8 023ceeb0 00000000 00000000 00000000 00000000 023ce7b0 00000030 00000010 00af65c4 00000020 bff7a3a0 00af0000 00af65e4 00000010 Expected Results: Not crashing at least ;) I looked at the sourcecode and found two files where InitializeSecurityContext is called: 1. mozilla/extensions/auth/nsAuthSSPI.cpp line 246: rc = (sspi->InitializeSecurityContext)(&mCred, ctxIn, sn, ctxReq, 0, SECURITY_NATIVE_DREP, inToken ? &ibd : NULL, 0, &mCtxt, &obd, &ctxAttr, NULL); I never wrote C++ before, but IMHO it should be: TIMESTAMP Dummy; rc = (sspi->InitializeSecurityContext)(&mCred, ctxIn, sn, ctxReq, 0, SECURITY_NATIVE_DREP, inToken ? &ibd : NULL, 0, &mCtxt, &obd, &ctxAttr, &Dummy); 2. mozilla/extensions/negotiateauth/nsNegotiateAuthSSPI.cpp line 322: The source code is absolutely the same as above (copy&pasted) and the solution too.
John, so it looks like you know how to fix this. What you need to do is make a patch for this from CVS, then request a review on that patch from an appropriate reviewer.
(In reply to comment #1) > John, so it looks like you know how to fix this. What you need to do is make a > patch for this from CVS, then request a review on that patch from an > appropriate reviewer. > I am not C/C++ programmer at all, never worked with CVS and don't have time to learn these things right now. :)
I'm not a programmer. I loaded firefox 1.5 yesterday. Now when I try to open the "dailygraph" function that I use on the Investor's Business daily website Firefox crashes. It has done this several times. Any suggestions?
(In reply to comment #3) > I'm not a programmer. I loaded firefox 1.5 yesterday. Now when I try to open > the "dailygraph" function that I use on the Investor's Business daily website > Firefox crashes. It has done this several times. Any suggestions? Install talkback, get a talkback ID for the crash. See if the bug's already filed, if not, file a new bug for the crash.
Created attachment 207311 [details] [diff] [review] patch Builds on windows, VC7.1.
(In reply to comment #5) > Created an attachment (id=207311)  > patch > > Builds on windows, VC7.1. > Thank you. But don't forget about "mozilla/extensions/negotiateauth/nsNegotiateAuthSSPI.cpp" line 322. There is the same problem. Regards
reporter: that file is dead on trunk, it was moved to the other place...
Comment on attachment 207311 [details] [diff] [review] patch We should get this in for FF 2 for sure, but it might also be a good one for a minor update to FF 1.5
Checked in on the trunk. Thanks for filing this, John! mozilla/extensions/auth/nsAuthSSPI.cpp; new revision: 1.6; previous revision: 1.5
Comment on attachment 207311 [details] [diff] [review] patch Might consider for 184.108.40.206 after more baking
Landed on the 1.8 branch (for Firefox 2). mozilla/extensions/auth/nsAuthSSPI.cpp; new revision: 220.127.116.11;
Comment on attachment 207311 [details] [diff] [review] patch OK, please consider this for 18.104.22.168. See bug 330044.
Comment on attachment 207311 [details] [diff] [review] patch We don't want to re-spin bits. "-" for 22.214.171.124, "?" for 126.96.36.199. This should be a no brainer for 188.8.131.52.
*** Bug 330044 has been marked as a duplicate of this bug. ***
This is a trivial fix, that we should not pass over for 184.108.40.206
Comment on attachment 207311 [details] [diff] [review] patch a=timr. crasher. now baked. Land it!
Yes please, land this on 1.8.0.x as we need this for SM1.0.2 - thanks
*** Bug 321527 has been marked as a duplicate of this bug. ***
Reopening to reassign to gavin (who checked in to other branches).
I'm now confused... Is this fixed in 220.127.116.11, which should be the next release, or fixed in 18.104.22.168? I can see approval22.214.171.124 being set on the attachment in the View Bug Activity table, but it's not set on the bug or attachment on show_bug.cgi, and I can't see it being removed in the table.
126.96.36.199 is special... it has just a single patch or so. what was planned to be 188.8.131.52 is now renamed to 184.108.40.206, so this is fixed only in .4.
John, could you verify this fix with one of the release candidates (220.127.116.11) that can be found here: http://stage.mozilla.org/pub/mozilla.org/firefox/nightly/18.104.22.168-candidates/rc3/ I don't have a proxy I can specify to verify the fix.