Closed
Bug 743208
Opened 12 years ago
Closed 12 years ago
Crash in "View Source" on a clean profile and a valid HTML5 file
Categories
(Core :: DOM: HTML Parser, defect)
Core
DOM: HTML Parser
Tracking
()
RESOLVED
DUPLICATE
of bug 742414
| Tracking | Status | |
|---|---|---|
| firefox11 | --- | affected |
| firefox12 | --- | affected |
| firefox13 | --- | affected |
| firefox14 | --- | affected |
| firefox-esr10 | --- | unaffected |
People
(Reporter: ws.bugzilla, Unassigned)
References
Details
(Keywords: crash, regression, reproducible)
Crash Data
Attachments
(1 file)
|
199 bytes,
text/html
|
Details |
Firefox crashes when I attempt to View Source of the following valid HTML5 document:
<!DOCTYPE html><head><title>title</title
><script src="/script1.js"></script
><script src="/script2.js"></script
><script src="/script3.js"></script
><script src="/script4.js"></script
><body>
Tested in 14.0a1 (2012-04-05) using a clean profile.
I can confirm this. View the attachment, press View Source; the View Source window appears for a few seconds (with empty content area), then Firefox suddenly disappears without a message. (Not just the View Source window disappears; Firefox disappears completely.)
|
||
Comment 2•12 years ago
|
||
WFM: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.3) Gecko/20100101 Firefox/10.0.3 Reproduced: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20100101 Firefox/11.0 Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0 Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120405 Firefox/13.0a2 Mozilla/5.0 (X11; Linux x86_64; rv:14.0) Gecko/20120405 Firefox/14.0a1 bp-76049004-0fa4-490c-8d59-c2f232120406 bp-0e1b252f-9e28-4bfc-ab3b-a67432120406 bp-ba7fef1c-879c-4dfa-b3c0-234382120406 bp-bda8539f-44fe-49bf-a5c2-8f0b92120406
Severity: normal → critical
Crash Signature: [@ nsHtml5Highlighter::Push ]
status-firefox-esr10:
--- → unaffected
status-firefox11:
--- → affected
status-firefox12:
--- → affected
status-firefox13:
--- → affected
status-firefox14:
--- → affected
Keywords: regression
OS: Windows 7 → All
Hardware: x86 → All
|
|
||
Comment 3•12 years ago
|
||
Last good nightly: 2011-11-01 First bad nightly: 2011-11-02 Pushlog: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=67d1049b0bf9&tochange=978002c0b0ad
Keywords: reproducible
|
||
Comment 4•12 years ago
|
||
It's worth noting that Firefox can be coaxed into viewing the source of a page by e.g. redirecting to 'view-source:$URL', so an attacker can make affected versions of Firefox crash whenever a user visits a page under the attacker's control.
@Kasper: that does not seem to be a major concern; bug 626963 has allowed anyone to lock up Firefox trivially for about 15 months now.
|
|
||
Comment 6•12 years ago
|
||
The first bad revision is: changeset: 79505:175a0afe3c43 user: Henri Sivonen <hsivonen@iki.fi> date: Fri Jul 30 13:15:38 2010 +0300 summary: Bug 482921 part 1 - Implement HTML syntax highlighting using the new parser. r=Olli.Pettay. https://hg.mozilla.org/mozilla-central/rev/175a0afe3c43
Blocks: 482921
|
||
Updated•12 years ago
|
Component: Developer Tools → HTML: Parser
Product: Firefox → Core
QA Contact: developer.tools → parser
|
||
Comment 7•12 years ago
|
||
Seems duplicate of #742414
|
||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•