[1.8 branch] Crash [@ ntdll.dll] with particular wikipedia page and Thai Words Separator extension installed

RESOLVED WORKSFORME

Status

()

Core
General
--
critical
RESOLVED WORKSFORME
10 years ago
3 years ago

People

(Reporter: Martijn Wargers (zombie), Unassigned)

Tracking

({crash})

1.8 Branch
x86
Windows XP
crash
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

Attachments

(1 attachment)

(Reporter)

Description

10 years ago
Created attachment 326118 [details]
script that thai word separator extension is using

My brother encountered this. He tracked down the steps to rerpoduce.

To reproduce:
- Install Thai Words Separator 0.2.0.1: https://addons.mozilla.org/en-US/firefox/addon/2666
- Then go to http://en.wikipedia.org/wiki/Hydrocephalus

Result: crash

http://talkback-public.mozilla.org/search/start.jsp?search=2&type=iid&id=TB46480012X
http://talkback-public.mozilla.org/search/start.jsp?search=2&type=iid&id=TB46480002Y
http://talkback-public.mozilla.org/search/start.jsp?search=2&type=iid&id=TB46479988G
http://talkback-public.mozilla.org/search/start.jsp?search=2&type=iid&id=TB46479968K
(talkback seems to be down atm, but afaicr, it was crashing within ntdll.dll)

I've attached the extension code to the bug. As you can see it's just doing some  dom scripting on a page load, so it seems to me, it would be possible to get a standalone testcase, that would crash branch (although I haven't been able to do that, thus far).
(Reporter)

Comment 1

10 years ago
I tried to get a backtrace with gdb and my mingw debug build, but that didn't work,  btw.
(Reporter)

Updated

10 years ago
Summary: Crash [@ ntdll.dll] with particular wikipedia page and Thai Words Separator extension installed → [1.8 branch] Crash [@ ntdll.dll] with particular wikipedia page and Thai Words Separator extension installed
(Reporter)

Comment 2

10 years ago
Marking resolved worksforme, as this is only a problem in the 1.8 branch and not in later builds and the 1.8 branch is not maintained anymore by Mozilla.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → WORKSFORME
(Assignee)

Updated

7 years ago
Crash Signature: [@ ntdll.dll]

Updated

3 years ago
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.