Closed
Bug 558772
Opened 14 years ago
Closed 11 years ago
Reproducible WMV crash [@ strcasecmp_l] [@ Flip4Mac WMV Plugin@0x5556]
Categories
(External Software Affecting Firefox :: Other, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: timeless, Unassigned)
References
()
Details
(Keywords: crash, sec-vector, Whiteboard: [sg:vector-critical (Flip4Mac)])
Crash Data
+++ This bug was initially created as a clone of Bug #512387 +++ Created an attachment (id=396366) wget'd page zipped Load the url provided and crash. 1.9.0, 1.9.1, and 1.9.2 also crash. reproducible on Mac Product Firefox Version 3.5.3pre Build ID 20090821030839 http://crash-stats.mozilla.com/report/index/7094ff7d-876a-4fc7-9dc7-4b7ea2090824 0 libSystem.B.dylib strcasecmp_l 1 libSystem.B.dylib strcasecmp 2 Flip4Mac WMV Plugin Flip4Mac WMV Plugin@0x5556 3 Flip4Mac WMV Plugin Flip4Mac WMV Plugin@0x56f1 4 Flip4Mac WMV Plugin Flip4Mac WMV Plugin@0x5d91 5 XUL nsNPAPIPluginInstance::InitializePlugin modules/plugin/base/src/nsNPAPIPluginInstance.cpp:1030 6 XUL nsPluginHostImpl::TrySetUpPluginInstance modules/plugin/base/src/nsPluginHostImpl.cpp:3872 7 XUL nsPluginHostImpl::SetUpPluginInstance modules/plugin/base/src/nsPluginHostImpl.cpp:3670 8 XUL nsPluginHostImpl::InstantiateEmbeddedPlugin modules/plugin/base/src/nsPluginHostImpl.cpp:3361 9 XUL nsPluginStreamListenerPeer::OnStartRequest modules/plugin/base/src/nsPluginHostImpl.cpp:2025 10 XUL nsObjectLoadingContent::OnStartRequest content/base/src/nsObjectLoadingContent.cpp:608 11 XUL NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/unix/xptcinvoke_unixish_x86.cpp:179 12 XUL XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:2454 13 XUL XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1590 14 libmozjs.dylib js_Invoke js/src/jsinterp.cpp:1386 15 libmozjs.dylib js_Interpret js/src/jsinterp.cpp:5179 16 libmozjs.dylib js_Invoke js/src/jsinterp.cpp:1394 17 XUL nsXPCWrappedJSClass::CallMethod js/src/xpconnect/src/xpcwrappedjsclass.cpp:1697 18 XUL nsXPCWrappedJS::CallMethod js/src/xpconnect/src/xpcwrappedjs.cpp:569 19 XUL PrepareAndDispatch xpcom/reflect/xptcall/src/md/unix/xptcstubs_unixish_x86.cpp:93 20 XUL PrepareAndDispatch 21 XUL nsHttpChannel::CallOnStartRequest netwerk/protocol/http/src/nsHttpChannel.cpp:846 22 XUL nsHttpChannel::ProcessNormal netwerk/protocol/http/src/nsHttpChannel.cpp:1128 23 XUL nsHttpChannel::ProcessResponse netwerk/protocol/http/src/nsHttpChannel.cpp:997 24 XUL nsHttpChannel::OnStartRequest netwerk/protocol/http/src/nsHttpChannel.cpp:4868 25 XUL nsInputStreamPump::OnStateStart netwerk/base/src/nsInputStreamPump.cpp:439 26 XUL nsInputStreamPump::OnInputStreamReady netwerk/base/src/nsInputStreamPump.cpp:395 27 XUL nsInputStreamReadyEvent::Run xpcom/io/nsStreamUtils.cpp:111 28 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:510 29 XUL NS_ProcessPendingEvents_P nsThreadUtils.cpp:180 30 XUL nsBaseAppShell::NativeEventCallback widget/src/xpwidgets/nsBaseAppShell.cpp:121 31 XUL nsAppShell::ProcessGeckoEvents widget/src/cocoa/nsAppShell.mm:405 32 CoreFoundation CFRunLoopRunSpecific 33 CoreFoundation CFRunLoopRunInMode 34 HIToolbox RunCurrentEventLoopInMode 35 HIToolbox ReceiveNextEventCommon 36 HIToolbox BlockUntilNextEventMatchingListInMode 37 AppKit _DPSNextEvent 38 AppKit -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] 39 AppKit -[NSApplication run] 40 XUL nsAppShell::Run widget/src/cocoa/nsAppShell.mm:720 41 XUL nsAppStartup::Run toolkit/components/startup/src/nsAppStartup.cpp:193 42 XUL XRE_main toolkit/xre/nsAppRunner.cpp:3321 43 firefox-bin main browser/app/nsBrowserApp.cpp:156 44 firefox-bin firefox-bin@0x1541 45 firefox-bin firefox-bin@0x1468 46 @0x2 Bug 512387 Comment 3 chris hofmann 2009-08-24 19:49:49 PDT maybe bug 511767 Bug 512387 Comment 4 Jesse Ruderman 2009-08-28 20:13:37 PDT Do we have contacts who work on Windows Media Player and Flip4Mac? We can't fix this bug ourselves. Bug 512387 Comment 5 chris hofmann 2009-08-29 11:24:50 PDT yeah, if we think there is possible security implication in their code beyond a DoS we should send a report from security@mozilla.org to security@microsoft.com. We should also do this also if we don't want to take the time, or can't, figure out the possible security implications. we could just send mail to Microsoft, ask for a cc mail address and give that bugzilla account access to the bug. it maybe harder to find something for flip. flip might license code from Microsoft so Microsoft might have contact. we could just try mail to security@theflip.com but I guess a smaller consumer product company like that my not have security@ set up. on http://www.theflip.com/privacy.shtml I see another possible e-mail 13. QUESTIONS OR COMMENTS If you have any questions, comments, or concerns relating to the Pure Digital Services or this privacy policy, please send an e-mail to privacy@puredigitalinc.com or write to us at: Pure Digital Technologies, Inc. Attn: Privacy Compliance Officer 30 Maiden Lane 6th Floor San Francisco, CA 94108 Sound like a plan? If this makes sense can dveditz, bsterne, reed, or other that has the mail cert send this mail? Bug 512387 Comment 6 chris hofmann 2009-08-29 11:26:35 PDT the mail should also reference and grant access to bug 511767 Bug 512387 Comment 7 Daniel Veditz 2009-09-22 14:04:52 PDT The WMP crash in comment 0 is a null deref A crash in Flip4Mac should get its own bug, there's no relation between these two as far as I know. There's not enough information in comment 1 to say whether the Flip4Mac crash is a problem or not.
Updated•14 years ago
|
Whiteboard: [sg:vector-critical]
Updated•14 years ago
|
Whiteboard: [sg:vector-critical] → [sg:vector-critical (Flip4Mac)]
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ strcasecmp_l]
[@ Flip4Mac WMV Plugin@0x5556]
Updated•12 years ago
|
Keywords: sec-vector
Updated•11 years ago
|
Crash Signature: [@ strcasecmp_l]
[@ Flip4Mac WMV Plugin@0x5556] → [@ strcasecmp_l]
[@ Flip4Mac WMV Plugin@0x5556]
Component: Windows Media Player (Flip4Mac) → Other
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INCOMPLETE
Updated•9 years ago
|
Group: core-security → core-security-release
Updated•8 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•