Bug 192058 - URL corrupted in navigation bar
URL corrupted in navigation bar
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: firefox (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christopher Aillon
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-17 04:58 EDT by James Hunt
Modified: 2008-01-15 09:40 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-15 09:40:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Hunt 2006-05-17 04:58:21 EDT
Description of problem:

Visiting a particular site, and clicking a long link results in a corrupted URL
being displayed in the navigation bar.

Version-Release number of selected component (if applicable):

firefox-1.5.0.3-1.1.fc5

How reproducible:

always

Steps to Reproduce:
1. Go to this page: http://www.xfree86.org/current/xlib.html
2. Type Control-F and then type "maprequest" in search box.
3. The part of the page where the first "hit" for maprequest is found is
   a *very* long link which should occupy the entire window.
4. Click any of the text

Actual results:

URL in navigation bar changes from "http://www.xfree86.org/current/xlib.html"
to complete garbage.

Expected results:

Sane behaviour.

Additional info:

I imagine there are 2 possible explanations to this bug:

1) Buffer overflow (the link appears to be over 76,000 bytes long)
2) Redraw problem where the url is being broken up into chunks and each chunk
   is being overlayed into the URL box in the navigation bar.

I suspect (2) as the most likely as I cannot make firefox crash. Also, if you
look carefully at the corrupted URL, you'll notice that that first part of it
isn't corrupted (ie "http://ww" looks fine). I'm guessing that firefox is
writing the start of the URL into the URL box, but it is also writing the end of
the url into the box too (and right-aligning it).
Comment 1 James Hunt 2007-01-25 05:40:06 EST
This is *still* a problem in firefox 1.5.0.9 (firefox-1.5.0.9-1.fc6). Could
somebody determine if this maybe is actually a buffer overflow / security issue?

Thanks.
Comment 2 Matěj Cepl 2007-01-30 08:38:32 EST
Can reproduce with both firefox-1.5.0.9-6.el5 and epiphany-2.16.0-4.fc6 (using
the  Gecko from that firefox).
Comment 4 James Hunt 2007-04-09 17:54:57 EDT
I'm running fc6, not EL5. Problem still occurs using latest
firefox-1.5.0.10-5.fc6. Trying with epiphany-2.16.3-4.fc6 gives a different
result though: the url is still insanely long, but it doesn't get "corrupted".
The start of the URL after clicking shows:

http://www.xfree86.org/current/xlib.html#3.1.%20Visual%20TypesOn%20some%20display%20hardware,%20it%20may%20be%20possible%20to%20deal%20withcolor%20resources%20in%

However, if you focus in the URL bar, and press the END key, you get a seemingly
blank URL. However, if you use the cursor to go left and right, there is text
there - it's just not being displayed (or maybe it is, but in white?).

Can you recreate this problem? I cannot imagine it is related to my particular
environment.
Comment 5 James Hunt 2007-04-11 16:36:01 EDT
konqueror (from kdebase-3.5.6-0.1.fc6) is quite happy with the page, and handles
it perfectly.

galeon-2.0.3-6.fc6 gives the same result as epiphany, and helpfully tells me
that it is loading over 3Mb of data (that'll be the size of the URL I believe).

Hey - maybe we could get the firefox/gecko guys to use
http://www.xfree86.org/current/xlib.html as one of their test cases? I hereby
proclaim http://www.xfree86.org/current/xlib.html to be "acid3" :-)
Comment 6 Matěj Cepl 2007-12-10 04:24:56 EST
Fedora Core 6 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora 7, 8, or
Rawhide)? If this issue turns out to still be reproducible, please let us know
in this bug report. If after a month's time we have not heard back from you, we
will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

[This is mass-filed message to all open Fedora Core 6 bugs related to Xorg or
Gecko. If you see any other reason, why this bug shouldn't be closed, please,
comment on it here.]
Comment 7 Matěj Cepl 2008-01-15 09:40:24 EST
Since there are insufficient details provided in this report for us to
investigate the issue further, and we have not received feedback to the
information we have requested above, we will assume the problem was not
reproducible, or has been fixed in one of the updates we have released for the
reporter's distribution.

Users who have experienced this problem are encouraged to upgrade to the latest
update of their distribution, and if this issue turns out to still be
reproducible in the latest update, please reopen this bug with additional
information.

Closing as INSUFFICIENT_DATA.

{This is mass-closing of all obsolete bugs; if this bug was in your opinion
closed by mistake, please, reopen it with additional information; thanks a lot
and I am sorry for bothering you in such case.}

Note You need to log in before you can comment on or make changes to this bug.