Null pointer dereference when saving ftp resource to disk

Support and discussions for the x86/x64 Linux version of Pale Moon and specific Linux distribution questions related to the browser.

Moderator: trava90

Forum rules
If your question is about general use of the browser and not specific to Linux, then please use the General Support board.
Post Reply
User avatar
Veit Kannegieser
Newbie
Newbie
Posts: 3
Joined: 2019-03-23, 19:16

Null pointer dereference when saving ftp resource to disk

Post by Veit Kannegieser » 2021-01-09, 15:59

Hello,
i see Pale Moon debian, 64 bit closing when saving a ftp resource to local disk.
Starting in safe mode, or creating a new profile did not help.
I work with local ftp servers here, but it is also reproducible using
<ftp://ftp.elf.stuba.sk/HEADER.txt>
Attachments
edb showing dereference of zero rdi
edb showing dereference of zero rdi
gdb.log
gdb log with backtrace
(6.24 KiB) Downloaded 3 times

vannilla
Board Warrior
Board Warrior
Posts: 1391
Joined: 2018-05-05, 13:29

Re: Null pointer dereference when saving ftp resource to disk

Post by vannilla » 2021-01-09, 16:03

I'm not getting anything when I try to save the file to disk.
Can you tell us the steps you take when it happens?

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 28832
Joined: 2011-08-28, 17:27
Location: Tranås, SE
Contact:

Re: Null pointer dereference when saving ftp resource to disk

Post by Moonchild » 2021-01-09, 16:15

Confirmed, this is a crash in the DOM security check for ftp subresource loading.
You can work around it by disabling the crashing check: Set pref security.block_ftp_subresources to false.
Opened Issue #1710 (UXP) to track this.
"Son, in life you do not fight battles because you expect to win, you fight them merely because they need to be fought." -- Snagglepuss
Image

vannilla
Board Warrior
Board Warrior
Posts: 1391
Joined: 2018-05-05, 13:29

Re: Null pointer dereference when saving ftp resource to disk

Post by vannilla » 2021-01-09, 17:37

After reading the issue description I got the crash too.
In my previous message I used the "Save Link As..." entry of the context menu on the provided link, so until the fix is out you can also work around the crash that way, if you don't want to mess with about:config.

User avatar
New Tobin Paradigm
Knows the dark side
Knows the dark side
Posts: 8559
Joined: 2012-10-09, 19:37
Location: Skaro

Re: Null pointer dereference when saving ftp resource to disk

Post by New Tobin Paradigm » 2021-01-09, 19:04

Even worse for me cause reasons I outlined in the issue.
Is it that you have no idea where you are going or what you're supposed to be doing right now?
Or did you just assume when you saw that timer that something in this room is capable of turning it off?

Image

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 28832
Joined: 2011-08-28, 17:27
Location: Tranås, SE
Contact:

Re: Null pointer dereference when saving ftp resource to disk

Post by Moonchild » 2021-01-09, 19:30

Crash fix will be in the next release.
"Son, in life you do not fight battles because you expect to win, you fight them merely because they need to be fought." -- Snagglepuss
Image

User avatar
vicyclefive
New to the forum
New to the forum
Posts: 1
Joined: 2021-01-17, 19:05
Contact:

Re: Null pointer dereference when saving ftp resource to disk

Post by vicyclefive » 2021-01-18, 05:58

1

You have a race condition:

You call f.isDirectory(), which returns true.
I replace the directory at path with some ordinary file.
You call f.listFiles(), which returns null.
To avoid this, say File[] files = f.listFiles(); unconditionally, and then change your if to if (files != null).

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 28832
Joined: 2011-08-28, 17:27
Location: Tranås, SE
Contact:

Re: Null pointer dereference when saving ftp resource to disk

Post by Moonchild » 2021-01-18, 07:43

Not sure what your post is about because it's lacking all context -- and has nothing at all to do with the code where this crash occurred.
"Son, in life you do not fight battles because you expect to win, you fight them merely because they need to be fought." -- Snagglepuss
Image

vannilla
Board Warrior
Board Warrior
Posts: 1391
Joined: 2018-05-05, 13:29

Re: Null pointer dereference when saving ftp resource to disk

Post by vannilla » 2021-01-18, 11:39

I think it's about non-atomic file operations, in that if the process scheduler swaps processes between the isDirectory and listFiles calls, a malicious process can create a failure in the browser.
Of course this does not explain why it was posted in this thread.

Post Reply