crash [@ PR_AtomicIncrement] from ShopperReports adware

RESOLVED DUPLICATE of bug 630191

Status

()

Toolkit
Blocklisting
--
critical
RESOLVED DUPLICATE of bug 630191
7 years ago
2 years ago

People

(Reporter: dveditz, Unassigned)

Tracking

({crash, topcrash})

unspecified
x86
Windows NT
crash, topcrash
Points:
---

Firefox Tracking Flags

(status2.0 unaffected, status1.9.2 wanted, status1.9.1 wanted)

Details

(Whiteboard: [sg:vector], crash signature)

(Reporter)

Description

7 years ago
This bug was filed from the Socorro interface and is 
report bp-fefc3617-7771-492f-8dae-b28d52110202 .
============================================================= 

Currently 3.6.13 topcrash #4, these are all EXCEPTION_ACCESS_VIOLATION_WRITE in PR_AtomicIncrement called from mozillaps.dll which is part of the ShopperReports adware. Stacks look like

 PR_AtomicIncrement
 nsAString_internal::Assign
 nsHTMLDocument::GetElementsByTagName
 mozillaps.dll@0x290b

Here's a post showing the malwarebytes detection
http://www.overclock.net/networking-security/846696-prime-example-why-i-use-anti-2.html#post11038501

Adware is in the eyes of the beholder, the company presents itself as a useful toolbar addition (http://www.shopperreports.com/ ) but from disgruntled posts on the web it's pretty clear users generally don't know how they got it (it's bundled as a revenue source with other software).

Extension appears to have the GUID shopperreports@shopperreports.com so we might be able to blocklist it on the basis of crashing (with exploitable-looking signatures). The crashy version appears to be 3.1.22
(Reporter)

Updated

7 years ago
Component: Extension Compatibility → Blocklisting
Product: Firefox → addons.mozilla.org
QA Contact: extension.compatibility → blocklisting
(Reporter)

Comment 1

7 years ago
In a recent timeslice I only see one trunk PR_AtomicIncrement crash on a recent 4.0 beta. It had a different stack and doesn't appear to be associated with this ShopperReports add-on. Crashes inflict 3.5.16 though
blocking1.9.1: --- → ?
blocking1.9.2: --- → ?
status1.9.1: --- → wanted
status1.9.2: --- → wanted
status2.0: --- → unaffected

Comment 2

7 years ago
It is similar to bug 630191 except that it is for 3.6.

Updated

7 years ago
blocking1.9.1: ? → ---
blocking1.9.2: ? → ---

Comment 3

7 years ago
According to bug 630191 comment 17, it is a dupe of bug 630191.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 630191
(Assignee)

Updated

7 years ago
Crash Signature: [@ PR_AtomicIncrement]
(Assignee)

Updated

2 years ago
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.