Opened 3 years ago

Closed 3 years ago

#19515 closed defect (fixed)

Hardened Tor Browser Crash (AddressSanitizer: stack-buffer-overflow)

Reported by: pege Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Critical Keywords: tbb-crash, ff45-esr-will-have
Cc: gk, mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hardened Tor Browser crashes when I visit http://physioflex.ch/.

Steps to reproduce:

  1. open Hardened Tor Browser 6.5a1
  2. set security slider to "Medium-Low"
  3. open http://physioflex.ch/
  4. wait for the crash (no need to do anything)

Error message:
=================================================================
==537696==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f7e818fa240 at pc 0x7f7ea152ae7a bp 0x7f7e818fa180 sp 0x7f7e818fa178
READ of size 4 at 0x7f7e818fa240 thread T28 (Compositor)
ASAN:SIGSEGV
==537696==AddressSanitizer: while reporting a bug found another one. Ignoring.
Jun 27 18:18:45.000 [notice] Owning controller connection has closed -- exiting now.
Jun 27 18:18:45.000 [notice] Catching signal TERM, exiting cleanly.

Child Tickets

Change History (4)

comment:1 Changed 3 years ago by mcs

Cc: gk mcs added
Component: - Select a componentApplications/Tor Browser
Owner: set to tbb-team

comment:2 Changed 3 years ago by gk

Keywords: tbb-crash ff45esr-will-have added
Priority: MediumVery High
Severity: NormalCritical

Thanks. This is https://bugzilla.mozilla.org/show_bug.cgi?id=1268854 and the fix already landed on ESR45. We'll pick it up with 45.3.0.

comment:3 Changed 3 years ago by gk

Keywords: ff45-esr-will-have added; ff45esr-will-have removed

comment:4 Changed 3 years ago by gk

Resolution: fixed
Status: newclosed

This got fixed by our switch to 45.3.0esr.

Note: See TracTickets for help on using tickets.