Accessing data:;base64, produces a crash for some architectures

RESOLVED FIXED in mozilla1.9alpha1

Status

()

Core
Networking
--
critical
RESOLVED FIXED
12 years ago
12 years ago

People

(Reporter: Sylvain Pasche, Assigned: Darin Fisher)

Tracking

(4 keywords)

Trunk
mozilla1.9alpha1
x86
Linux
crash, fixed1.8.0.2, fixed1.8.1, testcase
Points:
---
Bug Flags:
blocking1.8.0.2 +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [nvn-dl], URL)

Attachments

(1 attachment)

(Reporter)

Description

12 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux x86_64; fr; rv:1.8) Gecko/20060113 Firefox/1.5
Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9a1) Gecko/20060114 Firefox/1.6a1

See patch. Apparently, i386 does not suffer from this problem. On x86_64, it crashes everytime.

Reproducible: Always

Steps to Reproduce:
(Reporter)

Comment 1

12 years ago
Created attachment 208459 [details] [diff] [review]
Prevent crash of negative array access

Updated

12 years ago
Attachment #208459 - Flags: review?(darin)

Updated

12 years ago
Keywords: crash, testcase
(Assignee)

Comment 2

12 years ago
Comment on attachment 208459 [details] [diff] [review]
Prevent crash of negative array access

r=darin
Attachment #208459 - Flags: review?(darin) → review+
(Assignee)

Updated

12 years ago
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(Assignee)

Updated

12 years ago
Target Milestone: --- → mozilla1.9alpha
(Assignee)

Comment 3

12 years ago
fixed-on-trunk
(Assignee)

Comment 4

12 years ago
No, seriously... it's fixed-on-trunk.
Status: ASSIGNED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
(Assignee)

Comment 5

12 years ago
Comment on attachment 208459 [details] [diff] [review]
Prevent crash of negative array access

I think we should try to fix this for FF 2, and we should probably even try for FF 1.5.0.2.
Attachment #208459 - Flags: approval1.8.1?
Attachment #208459 - Flags: approval1.8.0.2?

Comment 6

12 years ago
Comment on attachment 208459 [details] [diff] [review]
Prevent crash of negative array access

Vicariously approving for darin.
Attachment #208459 - Flags: approval1.8.1? → branch-1.8.1+
(Assignee)

Comment 7

12 years ago
fixed1.8.1
Keywords: fixed1.8.1
Flags: blocking1.8.0.2+
Comment on attachment 208459 [details] [diff] [review]
Prevent crash of negative array access

approved for 1.8.0 branch, a=dveditz
Attachment #208459 - Flags: approval1.8.0.2? → approval1.8.0.2+
(Assignee)

Comment 9

12 years ago
fixed1.8.0.2
Keywords: fixed1.8.0.2
marking [nvn-dl], which removes this bug from the "to be verified by QA" list
for Firefox 1.5.0.2.  
Whiteboard: [nvn-dl]
You need to log in before you can comment on or make changes to this bug.