Closed
Bug 798937
Opened 12 years ago
Closed 12 years ago
segfault when browsing to moz-icon uri scheme
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 789059
People
(Reporter: freddy, Unassigned)
Details
(Keywords: crash, regression)
Crash Data
When I open a new tab and enter the following URI, firefox crashes: moz-icon://unknown?size=16 I couldn't make any of the obvious content inclusion (img, src, embed, object) or redirection methods (location.href, meta refresh, http 30x) work to crash the browser non-manually. Although I had some unreliable instant crashes with tabs loading after a browser restart. Sorry for being a little incomplete here, I didn't know which component to pick. Would you be so kind and sort it out for me? Also, I am not sure whether this is an actual security problem, but I'd rather have this crash be private and then lifted than the other way around
Comment 1•12 years ago
|
||
Can you submit a crash report and paste the crash report id here?
Comment 2•12 years ago
|
||
In a debug OSX Nightly and Aurora but not Beta build I get: Assertion failure: false (All IPDL URIs must be serializable or an allowed scheme!), at /work/mozilla/builds/nightly/mozilla/ipc/glue/URIUtils.cpp:83 I don't crash with an opt OSX Nightly or Aurora though.
Comment 3•12 years ago
|
||
I reproduced the assertion on a recent Nightly debug build on rhel6 64bit but not with a build from today. On a recent Nightly opt build I got bp-44c35d41-c57b-44e4-8c4e-b6f192121007 Firefox 18.0a1 Crash Report [@ nsACString_internal::EqualsASCII ] looks like a dupe of 789059. bug 789059 was fixed yesterday, so this should be fixed in today's nightly. freddyb: Can you reproduce with a nightly build from today? If so, please reopen.
Group: core-security
Status: NEW → RESOLVED
Crash Signature: [@ nsACString_internal::EqualsASCII ]
Closed: 12 years ago
Resolution: --- → DUPLICATE
Updated•12 years ago
|
Keywords: regressionwindow-wanted
Reporter | ||
Comment 4•12 years ago
|
||
It's fixed in the current nightly, thanks for sorting it out :)
You need to log in
before you can comment on or make changes to this bug.
Description
•