12611 – [S60] Crash when pcre stack overflows

Bug 12611 - [S60] Crash when pcre stack overflows

Summary: [S60] Crash when pcre stack overflows

Status:	CLOSED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	420+
Hardware:	S60 Hardware S60 3rd edition

Importance:	P2 Blocker
Assignee:	Nobody

URL:	http://www.fi.map24.com & www.enviro.fi
Keywords:	PlatformOnly

Depends on:
Blocks:

Reported:	2007-02-05 09:43 PST by Pat
Modified:	2020-08-14 08:50 PDT (History)
CC List:	0 users

See Also:

Attachments
Patch for pcre crash, when stack overflow (6.93 KB, patch) 2007-02-05 10:40 PST, Pat	yongjun.zhang: review-	Details \| Formatted Diff \| Diff
2nd Patch for crash (6.02 KB, patch) 2007-02-05 11:43 PST, Pat	yongjun.zhang: review+	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Pat 2007-02-05 09:43:08 PST

Browser crashes when accessing the sites:
fi.map24.com and enviro.fi.

The JavaScriptCore/pcre has a stack overflow that causes a crash.

Comment 1 Pat 2007-02-05 10:40:18 PST

Created attachment 12936 [details]
Patch for pcre crash, when stack overflow

Comment 2 Pat 2007-02-05 10:42:46 PST

For 3.0 and 3.1 Approved TSW ID: TJPI-6XQJWP
For 3.1 Approved TSW ID: ALAA-6XSF7U

This fix will stop processing the pcre regexp when we reach a limit on the depth of recursion in the method match().  This will prevent us from reaching a stack overflow, but will diminish the functionality of the page, since the javascript is not parsed.

This solution is for a small memory device and these two web sites with abnormally huge javascript regexp requirements.  Other pages are working as designed.

Comment 3 Yongjun Zhang 2007-02-05 11:34:54 PST

Comment on attachment 12936 [details]
Patch for pcre crash, when stack overflow

remove debug comments.

Comment 4 Pat 2007-02-05 11:43:12 PST

Created attachment 12938 [details]
2nd Patch for crash

Comments and commented out debug statements removed

Comment 5 Yongjun Zhang 2007-02-05 12:54:36 PST

Comment on attachment 12938 [details]
2nd Patch for crash

r=me

Comment 6 Bradley Morrison 2007-02-06 08:51:52 PST

(In reply to comment #5)
> (From update of attachment 12938 [details] [edit])
> r=me
> 

landed - r19430. Keeping this open, should it go into trunk? If not,please close.

Comment 7 Bradley Morrison 2007-02-06 15:35:38 PST

landed on s60/trunk - r19440. resolved.

Comment 8 Krishna 2007-02-09 13:38:10 PST

Verified and Closed.

Comment 9 Joel Parks 2011-03-21 11:53:06 PDT

re-purposing InTSW keyword for use by QtWebkit team