Crash Chrome With 16 Characters
An anonymous reader writes: Remember when it took just eight characters to crash Skype? Apparently it takes double that to take out Chrome: Typing in a 16-character link and hitting enter, clicking on a 16-character link, or even just putting your cursor over a 16-character link, will crash Google's browser. To try it yourself, fire up Chrome 45 (the latest stable version) or older and put this into your address bar: http: //a/%%30%30 (without the space).
I just fired up Opera (shares the Blink engine) and gave it a try. Sure enough, it crashed and restarted. Wonder where the issue is...
New @Midnight game:
Crash a Browser in 16 Characters
"Grab them by the pussy" -- President of the United States of America
What was the question?
"That's ridiculous! No computer can handle 32 things!"
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I had the same thing happen. Also I just want to know the correct sequence of keys to push to become Freakazoid.
[6918:6918:0919/221732:FATAL:navigation_controller_impl.cc(927)] Check failed: active_entry->site_instance() == rfh->GetSiteInstance().
Doesn't crash if the URL is passed as an argument. Just opens up about:blank (not default behavior)
4.1.6-1-ARCH x86_64 GNU/Linux
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
Apparently I've been neglecting Chrome on this old image for quite a long time. Chrome 21, Mac OS 10.6.8. No crash observed.
To try it yourself, fire up Chrome 45 (the latest stable version) or older [...]
Raises the question. Please.
Mostly random stuff.
Version 45.0.2454.93 (64-bit)
Did not crash. Just went back to about:blank
Death has been proven to be 99% fatal in lab rats.
creating a link this crashes and hovering the mouse over it crashes!
It seems it's the %%30%30 which causes that (this should be unescaped as "%300").
Slashdot, fix the reply notifications... You won't get away with it...
"Browser Golf."
"I'd just like to emphasise that taking a million years isn't a metaphor here..." -Rich Bradshaw
I type //a/%%30%30 all the time! (It's the combination to my luggage)
I don't read your sig. Why are you reading mine?
Sure... the older something is, the higher its age... so Chrome 44 is younger than Chrome 45.
When did you break your pedantrylessness vow?
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Okay, put //a/%%30%30 in the URL bar. Didn't crash anything.
Put it in the search box on the default search page and it puked immediately.
45.0.2454.93
Chas - The one, the only.
THANK GOD!!!
Broken link.
Minimum threshold fixed. Thanks!
Google calls the URL bar "Omnibox", and it will search Google as soon as you start typing in it. I would suspect this is causing the problem, since a regular (non-Omni) URL bar is a very simple thing.
I went to Settings to disable Omnibox and test my theory. Unfortunately there seems to be no way to disable the Omnibox in Chrome.
I do have to appreciate a rousing game of Troll Solitaire.
http://a/%2500
Piffle...
"If any question why we died, Tell them because our fathers lied."
/. rewrites the urls that does nothing.
Minimum threshold fixed. Thanks!
Chrome Version 43.0.2357.134 on Linux, just gets me a blank page.
Sean Ellis
Follow OfQuack's antics on Twitter.
Copy paste required. Otherwise good catch!
Minimum threshold fixed. Thanks!
I tried it on Internet Explorer and not only did the browser crash, it billed me for $299.95. Also, every site I browse now appears to be Russian porn.
Just cruising through this digital world at 33 1/3 rpm...
According to TFS, it should work on v45 and older. It does not crash Chromium. I entered "http: //a/%%30%30" (without the quotes) then "http://a/%%30%30" (without the quotes) into the address bar, and it just took me to the Startpage web search in both cases (as it should). FWIW, I'm using Chromium Version 44.0.2403.89 Ubuntu 14.04 (64-bit), on Xubuntu 14.04.
I'm sure it took a lot of late nights to make it that fragile.
Just cruising through this digital world at 33 1/3 rpm...
It doesn't beg any of those questions. That's not what begging the question is.
Rust cannot fix stupidity. It can add to it though, and from what I have seen of it, it does.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Mine just pulled up a website with Larry Page telling me I got the golden ticket and am invited to tour the Google Chocolate Factory with my uncle Joe.
Some drink at the fountain of knowledge. Others just gargle.
NO crash with the current chromium on the current opensuse
the website "a/%" followed by two zeros is just a bad URL and it tossed
"I don't pitch OpenSUSE Linux to my friends, I let Microsoft do it for me"
Chromium Version 44.0.2403.89, Ubuntu 15.04. Changes "http://a/%%30%30" to "chrome://chrome/" and no apparent ill effects, including no crash. There is a reason why it is a good idea to let the Debian/Ubuntu devs do your QA for you.
When all you have is a hammer, every problem starts to look like a thumb.
Teh google used to be #1 on every new grad's hope list. Now #2 and trending down. See, no company can piss all over its public image, disrespect users and flip the finger to the volunteer development community entirely with impunity, not even teh google.
When all you have is a hammer, every problem starts to look like a thumb.
There's a very long record of a300 (== a%%30%30) crashes dating back to 1983. https://en.wikipedia.org/wiki/...
Some drink at the fountain of knowledge. Others just gargle.
That's... Wait... I ain't even mad, nice job.
Yea, 16 characters were not enough for me either. I also had to hit the ENTER key.
I'm an American. I love this country and the freedoms that we used to have.
Typing in a 16-character link and hitting enter, clicking on a 16-character link, or even just putting your cursor over a 16-character link, will crash Google's browser.
Gee, I typed in http://sonic.com and hit Enter, and it worked Just Fine.
Perhaps they meant to say "Typing in a particular 16-character link, clicking on a particular 16-character link, or even just putting your cursor over a particular 16-character link, will crash Google's browser."
Regrettably, it will ultimately mean what people mean it to mean.
systemd is Roko's Basilisk.
$ w3m http://a/%%30%30
w3m: Can't load http://a/%%30%30.
...just rewrites the url.
... to something more politically correct, no doubt.
#DeleteChrome
Impossible. Freakazoid was super teen extraordinaire, not super still-lives-in-his-parents'-basement-at-30 extraordinaire. ;P
Well, considering the age of the show...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If that was German, I'd have a tasteless and really bad joke now. But this being English, the pun on younger/disciple is lost.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If you consider http://www./ a.com/ politically correct... just some legacy code that rewrites unknown URLs to some of the more common TLDs (.com, .org, etc.) in an attempt to find a valid URL that matches. Actually a really crappy thing to do, as you can use domains of common base folder names like images.com to pick up traffic from incorrect links, so //images/whatever.jpg becomes images.com/whatever.jpg... anyone who clicks that link will end up on the wrong site. It has some great potential for some casual phishing.
Copying and pasting the URL into incognito mode will crash all Chrome processes, not just the new window. Interesting.
"Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
Komm schon, spucks aus
605413? Yes, it's a prime.
beggars opera
(opera 32.0.1948.25 on Arch Linux succeeds to crash and restart)
605413? Yes, it's a prime.
I can do it in 15. ftp:// works too!
Peter predicted that you would "deliberately forget" creation 2000 years ago...
Chrome 44 isn't older than Chrome 45?
Not disabling webfonts using the "--disable-remote-fonts" commandline parameter with Chrome under Windows XP will get you random Chrome crashes and even BSODs while visiting Google sites like Youtube.
Seems like an old win32k.sys vulnerability that was supposedly patched in 2009.
"Look ma, I've put the chrome in the dishwasher and now it won't facebook, what a piece of crap"
lucm, indeed.
Version 46.0.2490.33 beta (64-bit) ..
It's not broken, it's just dumb.
curl -vL http://goo.gl/5WtI0B
* Ignoring the response-body
* Connection #0 to host goo.gl left intact
* Issue another request to this URL: 'http://a/%2500'
* Could not resolve host: a
* Closing connection 1
curl: (6) Could not resolve host: a
But I couldn't get http://a/%2500 to break any of my browsers, so not sure what to do with that.
Oh, I guess goo.gl is probably sanitizing the escape sequence to %2500 , bit.ly does the same thing.
tinyurl.com does not... however it does appear to try to grab the source URL first, so http://tinyurl.com/qekdsr9 just kinda spins forever.
http://preview.tinyurl.com/qek... leads to another page with a link to http://a/%%30%30 , which will crash Chrome if you bother to scroll down and mouseover it.
As some people have sorta mentioned, the mouseover seems to just crash one tab, but actually manually typing it into the URL bar and hitting enter will crash the entire browser, just after it appears to rewrite it to %00.
Chrome v45 for Android is unaffected.
I use chromium 34.0.1847.137 and ... nothing happens when I copy/paste that url (yes - I deleted that space).
No Crash. No nothing.
So I guess Google added something to their Chrome that breaks stuff.
I'm running Chrome-stable 45.0.2454.93-1 on Fedora 21 (kernel 4.1.6-100.fc21)
It rewrote the URL as "a/%00" then paused for a moment before the window vanished. On restart, it displays the "Chrome did not shut down properly" message.
I tested it as a solo tab, then again as a 2nd and 3rd tab. Every time, it kills the entire browser. (Chrome-stable 45 on 64-bit Fedora 21)
My GalaxyS5 is not affected, and it's running Chrome 45.0.24.54.94
Tried to share the URL in FB. It seemed to be trying to load the link forever. Wonder whether some threads (or whatever request processing mechanism) have crashed :)
All demented fanatics ignore valid criticism.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Damn, I should've picked up New Folder.com years ago. Maybe Untitled Folder.com is still available?
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
It does not crash the copy of Chrome running on my Win7 machine. I let the machine automatically update when it feels like it; the machine is currently running Chrome 45.0.2454.93
When I paste http: //a/%%30%30 into the address bar, I seem to get a web search for 30 30, with the first two hits being .30-30 Winchester - Wikipedia & 30/30 Poetry. I get the exact same behavior pasting into the search box. So it seems the current default behavior is to treat a malformed URL as a text search.
P.S. This meme should be a bonanza for the good folks at 30/30 poetry!
--- Often in error; never in doubt!
Not exactly a common web domain... cgi.com, www.com, images.com, etc. those are fairly common. account.com would have been a great one for phishing.
Chrome crashed for me. Did you remove the space between http: & //a/%%30%30?
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
Considering the product is made by some of the best brains and from a great company and used by billions of folks, how come this bug managed to hide so long? And how did it get introduced in the first place? Reading that it's the presence of a NUL char, it seems two different software modules used different abstractions of a string -- maybe one using a traditional NUL-terminated string [C definition] and another module using a String class [where length is explicitly stored along with an array of chars]. I'm just guessing here -- so a string which breaks this assumption and is passed across these modules triggered the crash path. So moral of the story: when you use apples, use only apples; don't mix apples with oranges [in this case, the apple and orange were assumed to be identical, when they are not].
This starts to look like it's somewhere between browser and OS, rather than just in the browser. Or at least requires something from the OS to trigger the bug.
~REZ~ #43301. Who'd fake being me anyway?
Edge doesn't do anything. It's like you didn't even write anything.
Wealth is the gift that keeps on giving.
reminds me of this
ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn
These days, there's enough spare CPU and virtual machines to throw around to do random-junk fuzzing, but decades ago when I was taking CS100, and we were being taught to never ever ever trust input and always check for corner cases and off-by-ones and other malformed input, we had to run most of our class programs against data sets that were designed to check whether we'd done everything correctly. Maybe your testers won't think of everything, but they ought to be putting as much effort into finding things that can go wrong and testing for them as the coders and designers are into coding and designing the code, and if you don't have enough QA people to do that, you don't have enough QA people.
A QA engineer walks into a bar and orders a beer. Orders 32768 beers. Orders -1 beers. Orders a lizard. ...
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Looks more like a bug introduced in version 45. Of everybody giving their browser version, at least in this thread, everybody with version 45 and above gets a crash, while nobody with a version below 45 does. As opposed to summary, which says it's 45 and below.
I can do it in 14:
http://a/%%300
Or in 13:
ftp://a/%%300
Or:
file:///%%300
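An added example (not from the thread and not Chrome's code) of the decoding behaviour several comments above describe: one percent-decoding pass turns /%%30%30 or /%%300 into /%00, a second pass turns that into a NUL byte, and a length-counted string and a NUL-terminated view of it then disagree. The function names and the reject-nested-encoding policy in path_is_safe are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstring>
#include <iostream>
#include <string>

// Value of one hex digit; the caller has already checked isxdigit().
static int hexval(unsigned char c) {
    return std::isdigit(c) ? c - '0' : std::tolower(c) - 'a' + 10;
}

// One pass of percent-decoding. A '%' not followed by two hex digits is
// copied through unchanged, so the first '%' of "%%30" survives the pass.
std::string decode_once(const std::string& in) {
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size() &&
            std::isxdigit((unsigned char)in[i + 1]) &&
            std::isxdigit((unsigned char)in[i + 2])) {
            out += (char)(hexval(in[i + 1]) * 16 + hexval(in[i + 2]));
            i += 2;
        } else {
            out += in[i];
        }
    }
    return out;
}

// Decode until the text stops changing (bounded at 8 passes); *passes is
// the number of passes that changed something.
std::string decode_fully(const std::string& in, int* passes) {
    std::string cur = in;
    for (*passes = 0; *passes < 8; ++*passes) {
        std::string next = decode_once(cur);
        if (next == cur) break;
        cur = next;
    }
    return cur;
}

// Assumed policy: reject a path that needs more than one decoding pass or
// that contains a NUL byte once fully decoded.
bool path_is_safe(const std::string& path) {
    int passes = 0;
    std::string d = decode_fully(path, &passes);
    return passes <= 1 && d.find('\0') == std::string::npos;
}

int main() {
    std::string p1 = decode_once("/%%30%30");  // first pass
    std::string p2 = decode_once(p1);          // second pass embeds NUL
    std::cout << p1 << " size=" << p2.size()
              << " strlen=" << std::strlen(p2.c_str()) << "\n";
    std::cout << path_is_safe("/%%30%30") << path_is_safe("/a%20b") << "\n";
}
```
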