Closed
Bug 75973
Opened 23 years ago
Closed 23 years ago
crash [@ nsMsgNewsFolder::GetNntpServer()] when trying to load bogus NNTP server URIs
Categories
(SeaMonkey :: MailNews: Message Display, defect, P1)
SeaMonkey
MailNews: Message Display
Tracking
(Not tracked)
VERIFIED
FIXED
mozilla0.9.2
People
(Reporter: stephend, Assigned: sspitzer)
References
Details
(Keywords: crash, Whiteboard: [nsbeta1+])
Crash Data
Attachments
(7 files)
1.44 KB,
text/plain
|
Details | |
6.32 KB,
text/plain
|
Details | |
5.83 KB,
text/plain
|
Details | |
1.82 KB,
patch
|
Details | Diff | Splinter Review | |
2.04 KB,
patch
|
Details | Diff | Splinter Review | |
2.36 KB,
patch
|
Details | Diff | Splinter Review | |
2.36 KB,
patch
|
Details | Diff | Splinter Review |
Build ID: 4-13 (all OSs) Summary: Crash in Account Wizard, with "secnews/netscape.communicator" as an NNTP server. Steps to Reproduce: 1. Spawn the Account Wizard, create an NNTP account. 2. In the server window, enter "secnews/netscape.communicator" as your NNTP server. 3. Click Finish. Expected: A non-existant news server is created in the Folder Pane, which is not subscribable) Actual: We crash. Stack coming. Note: The correct name for this server is "secnews.netscape.com". In the above example, the user *might* be thinking they can put a newsgroup name in here, after the name of the server. I highly doubt it, but in any case, we should either escape the "/". - string.replace("/", ""); Would that work? I'm sure there's a better solution though.
Reporter | ||
Comment 1•23 years ago
|
||
Talkback is down, I'll step into a debug build and grab a stack.
Reporter | ||
Updated•23 years ago
|
QA Contact: esther → stephend
Reporter | ||
Comment 2•23 years ago
|
||
Updated•23 years ago
|
Priority: -- → P3
Whiteboard: [nsbeta1+]
Target Milestone: --- → mozilla0.9.1
Reporter | ||
Comment 3•23 years ago
|
||
Comment 4•23 years ago
|
||
We should show an alert saying that we couldn't connect to the specified server.
Comment 5•23 years ago
|
||
I misunderstood, ignore my above comments. When I tried this I crashed immediately upon OKing the Account Wizard as noted. I am investigating now...
Comment 7•23 years ago
|
||
Comment 8•23 years ago
|
||
So, this bug is really about bullet-proofing and making it so we don't load corrupt server URIs. I will try my hand at it.
Assignee: sspitzer → hwaara
Comment 9•23 years ago
|
||
Fixing summary. Adding jpatel for possible talkback info.
Summary: Crash in Account Wizard, with "secnews/netscape.communicator" as an NNTP server. → crash [@ nsMsgNewsFolder::GetNntpServer()] when trying to load bogus NNTP server URIs
Updated•23 years ago
|
Priority: P3 → P1
Comment 10•23 years ago
|
||
I sent a patch/workaround and a description of it to Seth this past week. Still waiting for info on how to proceed on this...
Reporter | ||
Comment 11•23 years ago
|
||
*** Bug 80091 has been marked as a duplicate of this bug. ***
Assignee | ||
Comment 12•23 years ago
|
||
taking back, working on the fix for this. need to fix some news code and some account wizard stuff.
Assignee: hwaara → sspitzer
No longer depends on: 80519
Comment 13•23 years ago
|
||
What!? What about the patch I sent you two weeks ago that you still hasn't commented?
Assignee | ||
Comment 14•23 years ago
|
||
calm down. I just sent you private about your patch. summary: the first thing to do is to fix the account wizard. working on that now.
Status: NEW → ASSIGNED
Assignee | ||
Comment 15•23 years ago
|
||
for the account wizard problem, we are blocked bug 80519. if that were fixed, we could land the attached patch. todo for this patch is to extend hostnameIsIllegal() to cover more than "/". I think rfc 952 covers all the rules. see http://www.netsys.com/sunmgr/1998-08/msg00178.html of course, IP address would also be legal for server hostnames. some form of hostname checking may already live in mozilla, so we should look for it first. there still may be more crashers lurking after this patch. for example, a bogus news://host/message-id or news://host or news://host/group url does not go through the account manager. I'll have to try those cases out to see if more work needs to be done. but in any case, I'm going to wait until #80519 is fixed.
Assignee | ||
Comment 16•23 years ago
|
||
Assignee | ||
Comment 17•23 years ago
|
||
moving to 0.9.2 this can wait.
Target Milestone: mozilla0.9.1 → mozilla0.9.2
Assignee | ||
Comment 18•23 years ago
|
||
new patch coming... (my old patch was the wild goose that was causing the invalid bugs that I logged.)
Assignee | ||
Comment 19•23 years ago
|
||
this patch can land (to prevent the crash) but I'll log a new bug on finishing hostnameIsIllegal() racham, can you review?
Assignee | ||
Comment 20•23 years ago
|
||
Comment 21•23 years ago
|
||
+ if (hostname == "") return true; + + // make sure hostname is valid. + // XXX TODO do a complete check. see rfc 952 + if (hostname.indexOf("/") != -1) return true; Maybe you could combine those checks, in a single if()? + if (!server) return NS_ERROR_FAILURE; I think you should return NS_ERROR_NULL_POINTER if server turns out to be null. Were there no callers you need to fix up to validate()? r=hwaara
Comment 22•23 years ago
|
||
Seth, you may want to say if (!hostname) return true; instead of if (hostname == "") return true; r=racham.
Assignee | ||
Comment 23•23 years ago
|
||
thanks for the feedback, I'll create a new patch.
Assignee | ||
Comment 24•23 years ago
|
||
Assignee | ||
Comment 25•23 years ago
|
||
here's a new patch, with more robust but not complete hostname checking. it will prevent empty hostnames, or hostnames with any illegal characters. but some illegal hostnames will still get through. (see my comment in the patch.) once this lands, I'll log a new bug to track that issue.
Reporter | ||
Comment 26•23 years ago
|
||
Before you commit, can you just change: + // bug hostname like "...." and "_" and ".111" will get by into: + //but hostnames like "...." and "_" and ".111" will get by Just for clarity, when/if others work on the code. (Sorry to nit-pick)
Assignee | ||
Comment 27•23 years ago
|
||
no no, thanks for catching my spelling / grammar mistakes. I just wish I had you to proof read my bugzilla comments, news postings, email, comments, code, etc. there is a disconnect between my brain and my hands, I swear! new patch on the way.
Assignee | ||
Comment 28•23 years ago
|
||
Assignee | ||
Comment 29•23 years ago
|
||
sr=bienvenu #80855 logged for the remaining issue.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 30•23 years ago
|
||
Verified FIXED on: Mac OS 9.1 Build ID: 2001051508 RedHat 7.0 Build ID: 2001051508 Windows 2K Build ID: 2001051504 Entering an invalid news server name such as secnews/netscape.communicator throws up an alert, "Please enter a valid hostname.", instead of crashing.
Status: RESOLVED → VERIFIED
Reporter | ||
Updated•22 years ago
|
Severity: major → critical
Updated•20 years ago
|
Product: Browser → Seamonkey
Updated•13 years ago
|
Crash Signature: [@ nsMsgNewsFolder::GetNntpServer()]
You need to log in
before you can comment on or make changes to this bug.
Description
•