Closed
Bug 698247
Opened 13 years ago
Closed 3 years ago
Null dereference with bad channel implementing URI in nsHTMLDocument::StartDocumentLoad
Categories
(Core :: DOM: Core & HTML, defect, P5)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: WeirdAl, Unassigned)
Details
(Keywords: crash, Whiteboard: qa-not-actionable)
Attachments
(1 file)
845 bytes,
patch
|
Details | Diff | Splinter Review |
I wrote a buggy nsIChannel implementation, which returned a null URI calling GetURI. Mozilla crashed later on this line: uri->GetScheme(scheme); I have a patch for that but no active test. My test at the time involved a JS-implemented channel.
Reporter | ||
Comment 1•13 years ago
|
||
Attachment #570527 -
Flags: review?(jonas)
Comment 2•13 years ago
|
||
I would rather crash here than press on with a bogus channel impl and end up with a security hole or something...
Yeah, I think I agree with bz. Is there a particular reason you want to change this?
Reporter | ||
Comment 4•13 years ago
|
||
Oh, just a lovely little theory that I've held as an article of faith, which says JavaScript should never be able to cause a crash accidentally. What would you say to a patch which forced a crash at the actual point (NS_RUNTIMEABORT), instead of some 70 lines later?
Given that we want to move towards implementing more stuff in JS, I don't think we can keep saying that JS should never be able to crash the browser.
Attachment #570527 -
Flags: review?(jonas)
Comment 6•6 years ago
|
||
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046 Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5. If you have questions, please contact :mdaly.
Priority: -- → P5
Updated•3 years ago
|
Whiteboard: qa-not-actionable
I'm going to close this as WONTFIX since I think this is working as designed. I don't think it's a goal that JS should never be able to cause crashes given how much internal stuff we implement in JS
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•