Hangs/slowness on a very long URL in internal pages (about:neterror)

RESOLVED WORKSFORME

Status

()

RESOLVED WORKSFORME
9 years ago
4 years ago

People

(Reporter: Lostmon, Unassigned)

Tracking

(4 keywords)

3.6 Branch
hang, memory-footprint, perf, testcase
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [testday-20110603])

Attachments

(2 attachments)

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; es-ES; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; es-ES; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8

Firefox is prone vulnerable to a hang all time , or crash insome cases with a very long URL.
Internal web pages like about:neterror does not limit the amount of chars that a user put in 'c' 'd' params and them if we compose a malformed url the browser can be hang easy.
This issue isn´t exploitable via web links like <a href="very long URL">click here</a> or via window.location.replace('very long url') but i put is as a security threat for prevent analisys from attackers and found posible new vectors.

Reproducible: Always

Steps to Reproduce:
1.Create a html doc with a very long URL link.
2.open the html file and click in the link 
3.go to addressbar and press enter

The browser is hanging
Actual Results:  
Browser hang

Expected Results:  
browser hang or crash
(Reporter)

Comment 1

9 years ago
Posted file Test case PoC
open the test case and wait until it replace url location , and then put the cursor on addressbar ann press enter
(Reporter)

Comment 2

9 years ago
k-meleon in windows do a crash , i have tedted it on windows xp sp3 and windows 7 ultimate and in all cases k-meleon crash and firefox hangs.
(Reporter)

Comment 3

9 years ago
if the test case does not work , please in when open it , change 'd' param to 'c'
and press enter , or change change 'd' param to 'c' and after '=' symbol add a double quot "
(Reporter)

Comment 4

9 years ago
k-meleon bug tracker URL for this case => http://kmeleon.sourceforge.net/bugs/viewbug.php?bugid=1251
The testcase is wfm with Firefox3.6 and current trunk build.
Group: core-security
Keywords: hang, testcase

Updated

8 years ago
Version: unspecified → 3.6 Branch
it's a bit slow but I don't see any hang or crash in Firefox 4.0.

Comment 7

8 years ago
Yes it takes several seconds to load the URL and also cursor movement in the URL is slow. Bug no permanent hang or crash in Aurora 6. However, loading that error page makes memory use increasy by about 40MB of memory in heap-unclassified region (according to about:memory). After a second or two memory goes down to previous levels.
Severity: critical → normal
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: footprint, perf
OS: Windows 7 → All
Hardware: x86 → All
Summary: Hangs on a very long URL in internal pages ( about:neterror) → Hangs/slowness on a very long URL in internal pages (about:neterror)
Whiteboard: [testday-20110603]
Posted file testhtml.html
2400 character link works for me

Updated

4 years ago
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.