Open
Bug 931883
Opened 11 years ago
Updated 2 years ago
firefox crash on firefox-default-homepage for long tooltips of long base64-Images in "pagepropertys" menu
Categories
(Core :: Graphics: Layers, defect)
Tracking
()
UNCONFIRMED
People
(Reporter: mozilla, Unassigned)
Details
(Keywords: csectype-dos)
Attachments
(1 file)
|
206.53 KB,
image/png
|
Details |
firefox-bug.png
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0 (Beta/Release) Build ID: 20130910160258 Steps to reproduce: - start Firefox: about:home (dafualt Firefox start page) - menu: extras -> Seiteninformationen (pageinformation) -> Media - select a base64 image, mouse over the addresses to see "context-help" - "fast" (about three times in 1Hz) move/switch between address-"context-help" => maybe this is a buffer-overrun? (Firefox 24.0 - Windows 7 - 64bit) Actual results: firefox crash
Summary: firefox crash on firefox-default-homepage on context-help for long adresses → firefox crash on firefox-default-homepage on context-help for long base64-Images in pagepropertys
|
||
Comment 1•11 years ago
|
||
Do you have a stack or a crash report for this crash?
1.) Not sure how to create a crash report.
2.) I can reproduct this crash on different (win7 64bit) machines!
AdapterDeviceID: 0x1244
AdapterVendorID: 0x10de
Add-ons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4,%7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5,%7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.12,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0,%7Bd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d%7D:2.4
AvailablePageFile: 5774704640
AvailablePhysicalMemory: 1947271168
AvailableVirtualMemory: 3715747840
BuildID: 20130910160258
CrashTime: 1382996597
EMCheckCompatibility: true
Email:
InstallTime: 1380819000
Notes: Cisco VPN
AdapterVendorID: 0x10de, AdapterDeviceID: 0x1244, AdapterSubsysID: 26121462, AdapterDriverVersion: 9.18.13.1106
D2D? D2D+ DWrite? DWrite+ D3D10 Layers? D3D10 Layers+
ProductID: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
ProductName: Firefox
ReleaseChannel: release
SecondsSinceLastCrash: 5589
StartupTime: 1382996514
SystemMemoryUsePercentage: 54
Theme: classic/1.0
Throttleable: 1
TotalVirtualMemory: 4294836224
URL: about:home
Vendor: Mozilla
Version: 24.0
Winsock_LSP: MSAFD-Tcpip [TCP/IP] : 2 : 1 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [UDP/IP] : 2 : 2 :
MSAFD-Tcpip [RAW/IP] : 2 : 3 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [TCP/IPv6] : 2 : 1 :
MSAFD-Tcpip [UDP/IPv6] : 2 : 2 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [RAW/IPv6] : 2 : 3 :
RSVP-TCPv6-Dienstanbieter : 2 : 1 : %SystemRoot%\system32\mswsock.dll
RSVP-TCP-Dienstanbieter : 2 : 1 :
RSVP-UDPv6-Dienstanbieter : 2 : 2 : %SystemRoot%\system32\mswsock.dll
RSVP-UDP-Dienstanbieter : 2 : 2 :
VMCI sockets DGRAM : 0 : 2 :
VMCI sockets STREAM : 0 : 1 : %SystemRoot%\system32\vsocklib.dllSummary: firefox crash on firefox-default-homepage on context-help for long base64-Images in pagepropertys → firefox crash on firefox-default-homepage for long tooltips of long base64-Images in "pagepropertys" menu
|
|
||
Comment 3•11 years ago
|
||
If the crash triggers the crash reporter, then after you restart you can go to about:crashes and you'll see the crash reports that you've sent recently. If you click on one, it will give you the URL for the crash report.
|
|
||
Comment 5•11 years ago
|
||
Thanks! Here are the top two stack frames: CDXGISwapChain::ResizeBuffers(unsigned int,unsigned int,unsigned int,DXGI_FORMAT,unsigned int) mozilla::layers::LayerManagerD3D10::VerifyBufferSize()
Component: Untriaged → Graphics: Layers
Product: Firefox → Core
(crash report of Firefox 25.0 for this report) https://crash-stats.mozilla.com/report/index/273c23e1-d97e-41a8-abc0-981892131030
|
||
Comment 7•11 years ago
|
||
Crash stacks show a null deref, so a stability issue rather than a security worry
Group: core-security
Keywords: csec-dos
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•