Bug 100535

Summary: extremely long url gets mozilla to stop responding
Product: [Fedora] Fedora Reporter: Alexandre Oliva <oliva>
Component: mozillaAssignee: Christopher Aillon <caillon>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-10-29 14:10:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Mangled URL displayed after the search is submitted none

Description Alexandre Oliva 2003-07-23 07:20:35 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030703

Description of problem:
A huge URL, like one created with a brain-dead bugzilla query, gets mozilla into
a very confused state.  This might be exploitable.

Version-Release number of selected component (if applicable):
mozilla-1.4-12

How reproducible:
Always

Steps to Reproduce:
1.Enter the simple query page at https://bugzilla.redhat.com
2.Choose say Red Hat Linux Beta, beta1, then select all packages in the list
(click on first package, scroll to the last one and shift-click on it)
3.Submit the query
4.Click on `back'

Actual Results:  The URL displayed after step 3 is completely garbled, as if a
random bitmap had been drawn in its place.  The server rejects such a long URL,
but that's fine.  After clicking on the back button, mozilla starts consuming
CPU like crazy, and it won't refresh its window any more, and has to be killed.

Expected Results:  At least part of the URL should be displayed properly, and
going back shouldn't hang the browser.

Additional info:

Dunno if this matters, but my mozilla is configured to use a local squid as the
http proxy.
Comment 1 Christopher Blizzard 2003-08-25 17:57:31 UTC 
Do you have a screenshot?
Comment 2 Alexandre Oliva 2003-08-26 04:02:43 UTC 
Created attachment 93924 [details]
Mangled URL displayed after the search is submitted
Comment 3 Warren Togami 2003-09-21 11:26:24 UTC 
I have reproduced this accidentally a few times recently, but it seems extremely
rare and difficult to trigger.
Comment 4 Alexandre Oliva 2003-10-19 20:24:37 UTC 
mozilla-1.4.1-10 seeme to no longer hang after `back', but the URL is still garbled.
Comment 5 Josh Bressers 2004-06-18 17:15:04 UTC 
I'm removing the security severity, this does not appear to be a
security related issue.
Comment 6 John Thacker 2006-10-29 14:10:57 UTC 
Please note that FC1 and FC2 are no longer supported even by Fedora Legacy, and
that FC3 and FC4 are supported by Fedora Legacy only for security issues. 
Please install a still supported version and retest.  If this still occurs on
FC3 or FC4 and is a security issue, please reopen the bug and assign it to that
version and Fedora Legacy.  If it still occurs on FC5, please reopen and assign
to the correct version.  

mozilla was removed from FC6, although the seamonkey application suite,
available from Fedora Extras, is derived from it.  Similar bugs may also be
present in firefox, so if the bug occurs with firefox in FC6, the bug should be
reassigned to FC6 and the firefox component.