Chrome NULL terminator crashes pages

Insanity01:
You can crash chrome by going to the url: http://a/%%30%30
Furthermore, just hovering over such a URL will crash the tab. Now this is an issue in chromium and thus of little relevance to you. However, it does affect your forum engine in a larger way than I have found on other websites.

When you enter the following as your profile signature, we have some bad behaviour.

--- Code: ---[img]http://a/%%30%30[/img]
--- End code ---

After entering that as my profile picture, any page on which I had left a comment would crash. I get that this is kind of an issue in chromium, but it seems to me that having a check to make sure the URL does not contain a malicious string of this kind would be a good thing. I get why this happens - you probably send a GET request to the URL I have entered each time I load a page where I commented, which results in the rather unwanted behaviour. I also get that this problem *should* get fixed by the chromium developers but not everyone updates their browser!

Anyway, I just thought I'd leave this here, even if you guys decide to just wait until it gets fixed in chromium!

♦ Ninja ZX-10RR ♦:
Insanity01,

Thank you for your report... I have to admit I was like "Huh?" when I was reading it and couldn't believe it until I actually hovered that link and saw Chrome crashing in front of me... Well, I sent them a rather angry feedback about it.
By the way it's not really a SimplePortal bug, and not even an SMF one. However, since it does affect the whole forum software itself, I'd say it should be addressed by the SMF devs, so that *everyone* can have a fix for that, because if we fix it on our end then only SimplePortal users will have it fixed.

Note: credits to BurkeKnight, it also crashes on Opera (because it's based on Chrome).

Regards

Insanity01:

--- Quote from: ♦ Ninja ZX-10RR ♦ on September 20, 2015, 08:09:26 PM ---Insanity01,

Thank you for your report... I have to admit I was like "Huh?" when I was reading it and couldn't believe it until I actually hovered that link and saw Chrome crashing in front of me... Well, I sent them a rather angry feedback about it.
By the way it's not really a SimplePortal bug, and not even an SMF one. However, since it does affect the whole forum software itself, I'd say it should be addressed by the SMF devs, so that *everyone* can have a fix for that, because if we fix it on our end then only SimplePortal users will have it fixed.

Note: credits to BurkeKnight, it also crashes on Opera (because it's based on Chrome).

Regards

--- End quote ---

That's an error on my part, I wasn't sure where to post this. I figured either SP or SMF, and I opted for this one. But yes, it should be globally solved for people running the software. Furthermore, I think that this might open the road for other security issues - as I don't have to hover over the link anymore to make it crash. Anyone opening a thread where I commented will just crash - without even my signature being seen by them. I'm not sure if this raises other security issues - but I will check this out a bit further and if I find any more things I can 'break' with this approach, I'll post it on SMF or here for sure.

Thanks for your feedback, and I hope this ends up at the right party to solve this issue.

Regards,

Dylan

♦ Ninja ZX-10RR ♦:
I posted it immediately on sm.org after you opened the topic already :) http://www.simplemachines.org/community/index.php?topic=539935.0

They will yell at you if you say there are security issues though :P I also think it can be somewhat annoying, but I don't get the insta-crash when I open this topic at least.

Regards

ccbtimewiz:
You can add this into the word censors of your board:


--- Code: ---http://a/%
--- End code ---

This will prevent users from using the link at all in their signatures and posts.

You can also edit the parse_bbc function and modify how it produces URL, IMG, and IURL, if for whatever reason you don't want to use the board censors.

In /Sources/Subs.php

There are 6 instances.

Find:

--- Code: --- $data = \'http://\' . $data;
--- End code ---

Replace with:

--- Code: --- $data = \'http://\' . $data;
$data = str_replace(array(\'http://a/%\', \'https://a/%\'), array(\'http://\', \'https://\'), $data);
--- End code ---

However, this issue will most likely be fixed very soon by the Chrome developers according to this source.
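
A more general form of the URL check discussed in this thread, as an added example (not SMF, SimplePortal or any poster's code): rather than matching only the host `a`, it rejects any URL that has a malformed percent-escape or that percent-decodes, over several rounds, to a NUL or other control byte. The function name `bbc_url_is_safe`, the round limit and the sample URLs other than the one from the thread are assumptions made for illustration.

```php
<?php
// Added example, not SMF or SimplePortal code. bbc_url_is_safe() is a
// hypothetical helper name; nothing in Subs.php is called this.

/**
 * Decide whether a user-supplied URL may be emitted in [url]/[img] output.
 *
 * Layer 1: on the raw input, every '%' must start a valid %XX escape.
 * Layer 2: percent-decode repeatedly; reject if any round exposes a NUL or
 *          other control byte, or if the value is still changing after
 *          $maxRounds (deeply nested encoding).
 */
function bbc_url_is_safe(string $url, int $maxRounds = 3): bool
{
    // Layer 1: a '%' not followed by two hex digits is malformed.
    if (preg_match('/%(?![0-9A-Fa-f]{2})/', $url)) {
        return false;
    }

    $current = $url;
    for ($round = 0; $round <= $maxRounds; $round++) {
        // Layer 2: control bytes (0x00-0x1F, 0x7F) never belong in a URL.
        if (preg_match('/[\x00-\x1F\x7F]/', $current)) {
            return false;
        }
        // rawurldecode() leaves invalid sequences such as a lone '%' as-is.
        $decoded = rawurldecode($current);
        if ($decoded === $current) {
            return true; // fully decoded and nothing suspicious found
        }
        $current = $decoded;
    }
    return false; // still decoding after $maxRounds rounds
}

// Constructed sample inputs; only the first one comes from this thread.
$samples = [
    'http://a/%%30%30',              // stray '%' in front of %30%30
    'http://a/%2500',                // well-formed, but decodes to %00
    'http://example.com/a%20b.png',  // ordinary encoded space
    'http://example.com/?q=100%25',  // ordinary encoded percent sign
];
foreach ($samples as $sample) {
    printf("%-32s %s\n", $sample, bbc_url_is_safe($sample) ? 'allow' : 'reject');
}
```

The malformed-escape test runs only on the raw input because a legitimately encoded `%25` decodes to a bare `%`, which would otherwise be rejected on the second round.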
