Closed Bug 4041 Opened 26 years ago Closed 26 years ago

Crash in CNavDTD::CloseTopmostContainer(), see comment...

Categories

(Core :: DOM: HTML Parser, defect, P3)

defect

Tracking

()

VERIFIED FIXED

People

(Reporter: jst, Assigned: rickg)

References

()

Details

Gecko hits the NS_PRECONDITION() in CNavDTD::CloseTopmostContainer() when loading the URL. The reason seems to be in CNavDTD::ReduceContextStackFor(), the while loop has "theTopTag!=kNotFound" in the expression but theTopTag can never get the value kNotFound (=-1). It gets its value from mBodyContext->Last() (nsDTDContext::Last(), that calls nsTagStack::Last()), the value it gets if there's no context is eHTMLTag_unknown (=0). Changing the "theTopTag!=kNotFound" to "theTopTag!=eHTMLTag_unknown" in CNavDTD::ReduceContextStackFor() fixes the crash but I don't know if this is the correct fix...
Status: NEW → ASSIGNED
The real problem has to do with the fact that the page includes a <noframe> tag, which is not legal HTML. The correct tag is <noframes>. The DTD is exploding because its trying to allow a <BR> to be placed into a <frameset>, which is also not legal. For now, I will discard bad content such as this to prevent the crash. Later, I will update the system so that such cases are handled by wrapping bad content in a <noframes> element.
Status: ASSIGNED → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Will be fixed in monday build. I'll check it in after carpools land.
QA Contact: 3847 → 4141
Attempting to steal gem's HTMLParser bugs all at once. Changing QAContact to janc.
Status: RESOLVED → REOPENED
Checked on build: 1999-06-21-08-M8 This URI locks up apprunner on Win98, WinNT, and MacPPC (unable to check on Linux at this moment, will check later).
Resolution: FIXED → ---
Checked on build: 1999-06-21-08-M8 This URI locks up apprunner on Win98, WinNT, and MacPPC (unable to check on Linux at this moment, will check later).
Status: REOPENED → RESOLVED
Closed: 26 years ago26 years ago
Resolution: --- → FIXED
Fixed with latest update.
Status: RESOLVED → VERIFIED
Fixed on Win98 - Build: 1999-07-06-08-M8 Fixed on NT - Build: 1999-07-06-08-M8 Fixed on Linux - Build: 1999-07-01-08-M8 Fixed on MacPPC: Build: 1999-07-06-10-M8
You need to log in before you can comment on or make changes to this bug.