Closed Bug 88746 Opened 24 years ago Closed 24 years ago

Mozilla appears to hang because of bad charset in javascript.

Categories

(Core :: DOM: HTML Parser, defect)

Product:
Core
Component:
DOM: HTML Parser
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED

People

(Reporter: Deinst, Assigned: harishd)

References

(
URL
)

Details

Attachments

(6 files)

Javascript for testcase
33 bytes, text/plain
Details
testcase
615 bytes, text/html
Details
testcase2
615 bytes, text/html
Details
patch for second bug
1.01 KB, text/html
Details
patch for the first bug
1.25 KB, patch
Details | Diff | Splinter Review
patch v1.3
1.18 KB, patch
Details | Diff | Splinter Review
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2+) Gecko/20010701 BuildID: 2001070108 Attempting to load the details on the debian woody freeze causes mozilla to appear to never stop loading. Running in a debug build one sees that an assertion is triggered in nsScriptLoader.cpp line 715 "Could not convert external JavaScript to Unicode!". Tracing this back we see that the cause is the following line in the generated html <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset="> which causes the nsDocument to have a charset of "> I am not sure whether this is a parse error in the parser, or in nsDocument, but I do not know which component nsDocument lives in, so parser has got it. Reproducible: Always Steps to Reproduce: 1. Load suggested URL 2. Wait 3. Actual Results: White screen and loading behavior. Expected Results: Interesting informative much awaited article.
Ok, it is at least partially the parser. The code in nsParser::DetectMetaTag is the culprit in this case. Also, the code in nsParser::DetectMetaTag seems strange, do { ... tagStart = tagEnd; tagEnd = end; } while (tagStart != end); return PR_FALSE; Is mozilla intentionally checking only the first meta tag? When I get time, I'll see what happens with a malformed charset in other than the first meta tag. Looking at the other end of this problem, shouldn't the javascript people do something other than fall over dead in the presence of a charset that they don't understand? UTF-8 or ISO-8859-1 seem to be popular guesses.
Reassigning bug to vidur.
Assignee: harishd → vidur
Please ignore my comments about the do while. It was 1:30 am. There is a bug with parsing malformed <meta Content-Type tags though.
Taking back.
Assignee: vidur → harishd
Attached file testcase
Attached file testcase2
Attached file patch for second bug
There are two bugs, and two testcases. The first testcase appears to freeze because the charset was parsed as "> and javascript fell over and died. The second testcase does not appear tof freeze. This could be considered a good thing, but it doesn't freeze because only the first meta tag was being parsed. The bug causing only one meta tag to be parsed is fixed in the accompanying patch. I have a fix for the stringTokenizer, but I want to ensure that it doesnt destroy anything else.
Ok, the patch for the first bug does two things. It keeps the tokenizer from reading past the end of the buffer, which I am prettty sure is correct, and it ignores the trailing quote that is given to us by the tokenizer. It may be better to have the tokenizer report the shorter length in the case that taget is a quote, kSkipQuotes is true and the last character read is a quote. This is the only place that it seems to matter, so that's where I fixed it. I'm going to submit another bug about the behavior of the scriptLoader.
Keywords: patch
Attached patch patch v1.3Splinter Review
Ok, It is simple will and work I will grant you that. As somone who has to read the code with little to no preparation the idea of pushing orselves past the end of the buffer by mistaking a trailing quote for a leading one is a bit unsettling though.
r/sr=vidur
Fix checked in to the TRUNK.
And by the way, this was r=heikki...
Depends on: 81253
Marking FIXED.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Verified on: build: 2001-07-02-04-Trunk platform: WinNT The above url loads fine. The browser does not load 1st test case and keeps trying. The 2nd test case loads fine.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: