Bug 12611 - [S60] Crash when pcre stack overflows
Summary: [S60] Crash when pcre stack overflows
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 420+
Hardware: S60 Hardware S60 3rd edition
Importance: P2 Blocker
Assignee: Nobody
URL: http://www.fi.map24.com & www.enviro.fi
Keywords: PlatformOnly
Depends on:
Reported: 2007-02-05 09:43 PST by Pat
Modified: 2020-08-14 08:50 PDT

See Also:

Patch for pcre crash, when stack overflow (6.93 KB, patch)
2007-02-05 10:40 PST, Pat
yongjun.zhang: review-
2nd Patch for crash (6.02 KB, patch)
2007-02-05 11:43 PST, Pat
yongjun.zhang: review+

Description Pat 2007-02-05 09:43:08 PST
Browser crashes when accessing the sites:
fi.map24.com and enviro.fi.

The JavaScriptCore/pcre has a stack overflow that causes a crash.
Comment 1 Pat 2007-02-05 10:40:18 PST
Created attachment 12936
Patch for pcre crash, when stack overflow
Comment 2 Pat 2007-02-05 10:42:46 PST
For 3.0 and 3.1 Approved TSW ID: TJPI-6XQJWP
For 3.1 Approved TSW ID: ALAA-6XSF7U

This fix will stop processing the pcre regexp when we reach a limit on the depth of recursion in the method match(). This will prevent us from reaching a stack overflow, but will diminish the functionality of the page, since the JavaScript is not parsed.

This solution is for a small memory device and these two web sites with abnormally huge JavaScript regexp requirements. Other pages are working as designed.
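
Added example, not taken from the attached patch or from JavaScriptCore: a minimal recursive matcher in C showing the kind of depth cap Comment 2 describes, where match() gives up with a distinct result instead of recursing until the stack overflows. The function names, the result codes and the limit of 64 are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* All names and the limit below are assumptions made for this example. */
#define MATCH_OK         1
#define MATCH_FAIL       0
#define MATCH_TOO_DEEP (-1)  /* gave up: recursion limit reached */
#define MAX_DEPTH       64   /* a real port would derive this from the stack size */

/* Anchored match of re against the start of s. Supports literals, '.' and
 * 'c*'. Each consumed character costs one stack frame, so depth grows with
 * the subject length, as in a recursive backtracking matcher. */
static int match_here(const char *re, const char *s, int depth)
{
    if (depth > MAX_DEPTH)
        return MATCH_TOO_DEEP;          /* stop before the stack runs out */
    if (re[0] == '\0')
        return MATCH_OK;
    int first = (*s != '\0') && (re[0] == '.' || re[0] == *s);
    if (re[1] == '*') {
        if (first) {                    /* greedy: take one more character */
            int r = match_here(re, s + 1, depth + 1);
            if (r != MATCH_FAIL)
                return r;               /* success, or the limit result as-is */
        }
        return match_here(re + 2, s, depth + 1);   /* no further repeats */
    }
    return first ? match_here(re + 1, s + 1, depth + 1) : MATCH_FAIL;
}

int regex_match(const char *re, const char *s)
{
    return match_here(re, s, 0);
}

int main(void)
{
    char subject[1002];                 /* constructed input: 1000 'a' then 'b' */
    memset(subject, 'a', 1000);
    subject[1000] = 'b';
    subject[1001] = '\0';
    printf("short: %d\n", regex_match("a*b", "aaab"));
    printf("long:  %d\n", regex_match("a*b", subject));
    return 0;
}
```

A caller has to handle the limit result separately from an ordinary non-match, since the pattern was abandoned rather than evaluated.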
Comment 3 Yongjun Zhang 2007-02-05 11:34:54 PST
Comment on attachment 12936
Patch for pcre crash, when stack overflow

remove debug comments.
Comment 4 Pat 2007-02-05 11:43:12 PST
Created attachment 12938
2nd Patch for crash

Comments and commented out debug statements removed
Comment 5 Yongjun Zhang 2007-02-05 12:54:36 PST
Comment on attachment 12938
2nd Patch for crash

Comment 6 Bradley Morrison 2007-02-06 08:51:52 PST
(In reply to comment #5)
> (From update of attachment 12938)
> r=me

landed - r19430. Keeping this open, should it go into trunk? If not, please close.
Comment 7 Bradley Morrison 2007-02-06 15:35:38 PST
landed on s60/trunk - r19440. resolved.
Comment 8 Krishna 2007-02-09 13:38:10 PST
Verified and Closed.
Comment 9 Joel Parks 2011-03-21 11:53:06 PDT
re-purposing InTSW keyword for use by QtWebkit team