[Asan] Crash in js::AsmJSModule::deserialize / DeserializeSig
View options
Steps to reproduce:
- Open current tor browser alpha, hardened (6.5a1)
- surf on facebookcorewwwi.onion
- click somewhere to start composing a message
- as soon as you can, try to type (not sure this is required)
What happens: Tor browser crashes.
Date Time [notice] Bootstrapped 100%: Done
Date Time [notice] New control connection opened from 127.0.0.1.
Date Time [notice] New control connection opened from 127.0.0.1.
Time addons.productaddons ERROR Request failed certificate checks: [Exception... "SSL is required and URI scheme is not https." nsresult: "0x8000ffff (NS_ERROR_UNEXPECTED)" location: "JS frame :: re[/gre/modules/CertUtils.jsm](/gre/modules/CertUtils.jsm) :: checkCert :: line 145" data: no]
=================================================================
==5252==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f6dfe8c6000 at pc 0x7f6e4c3f2605 bp 0x7f6e009f23f0 sp 0x7f6e009f1ba0
READ of size 9437184 at 0x7f6dfe8c6000 thread T59 (DOM Worker)
ASAN:SIGSEGV
==5252==AddressSanitizer: while reporting a bug found another one. Ignoring.
Date Time [notice] Owning controller connection has closed -- exiting now.
Date Time [notice] Catching signal TERM, exiting cleanly.