Closed
Bug 439800
(CVE-2008-2786)
Opened 17 years ago
Closed 17 years ago
Crash when try to follow a link with a bad formated URL
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 402735
People
(Reporter: hexapode, Unassigned)
Details
(Whiteboard: [sg:needinfo])
Attachments
(1 file)
|
262 bytes,
text/html
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9) Gecko/2008052906 Firefox/3.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9) Gecko/2008052906 Firefox/3.0
When try to follow a link like :
<a href="/http%3A%2F%2Fwww.proof-of-concept.fr%2Fpoc%2Fpersonnel%2FGuillaume.Hexapode%2Fnode310.html">
test
</a>
Firefox crash.
I've no time to look over it, but seems a overflow.
Reproducible: Always
Steps to Reproduce:
1.create a html page with a link like :
<a href="/http%3A%2F%2Fwww.proof-of-concept.fr%2Fpoc%2Fpersonnel%2FGuillaume.Hexapode%2Fnode310.html">
test
</a>
2. visit this page.
3. clic on the link
Actual Results:
crash
Expected Results:
not crash ?
I use Firefox 3 Realease
No toolbarn, no pluggins.
|
||
Comment 1•17 years ago
|
||
You mean http://www.proof-of-concept.fr/poc/personnel/Guillaume.Hexapode/node310.html
?
I get a "La page est introuvable"
<a href="http://www.proof-of-concept.fr/poc/personnel/Guillaume.Hexapode/node310.html">http://www.proof-of-concept.fr/poc/personnel/Guillaume.Hexapode/node310.html</a>
?
I get a "La page est introuvable"
----
You forget the slash in fornt of your URL.
|
|
||
Comment 3•17 years ago
|
||
Which slash?
With http://www.proof-of-concept.fr/poc/personnel/Guillaume.Hexapode/node310.html/ , I still get a "page not found" error.
URL must be :
/http%3A%2F%2Fwww.proof-of-concept.fr%2Fpoc%2Fpersonnel%2FGuillaume.Hexapode%2Fnode310.html
with / in front
This web page doesn't exist. It's just to show the problem
|
|
||
Comment 5•17 years ago
|
||
Ah,ok, thanks. So your original code example is correct.
|
|
||
Comment 6•17 years ago
|
||
This is worksforme.
Pierre, does the crash also happens in safe mode?
http://support.mozilla.com/en-US/kb/Safe+Mode
Or with a new, clean profile?
|
||
Comment 8•17 years ago
|
||
pierre: do you crash with the testcase Martijn attached? it's possible we're still not interpreting you correctly.
Whiteboard: [sg:needinfo]
Yes I crash with the testcase Martijn attached when I'm not in safe mode.
When I use safe mode, I don't crash.
|
||
Comment 10•17 years ago
|
||
This WFM on the Mac. Martijn, did you try this on XP?
|
|
||
Comment 11•17 years ago
|
||
I tried on Vista.
Pierre, can you find out if one of your extensions is causing this crash?
|
Reporter | |
Comment 12•17 years ago
|
||
I've test extension by extension.
And look like one of my extension is causing the crash :
Download accelerator plus ( http://www.speedbit.com/ ).
Sorry I don't take time to see where crash come from before.
|
|
||
Comment 13•17 years ago
|
||
Pierre, thanks for finding out why you were crashing!
This looks like the same bug as bug 402735 to me.
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
|
|
||
Updated•17 years ago
|
Alias: CVE-2008-2786
You need to log in
before you can comment on or make changes to this bug.
Description
•