Slashdot Mirror


Crash Chrome With 16 Characters

An anonymous reader writes: Remember when it took just eight characters to crash Skype? Apparently it takes double that to take out Chrome: Typing in a 16-character link and hitting enter, clicking on a 16-character link, or even just putting your cursor over a 16-character link, will crash Google's browser. To try it yourself, fire up Chrome 45 (the latest stable version) or older and put this into your address bar: http: //a/%%30%30 (without the space).

34 of 205 comments

  1. It's not just Chrome by Duckman5 · · Score: 4, Informative

    I just fired up Opera (shares the Blink engine) and gave it a try. Sure enough, it crashed and restarted. Wonder where the issue is...

    1. Re:It's not just Chrome by Shinobi · · Score: 2

      Vivaldi crashes too, on Windows and Linux.

    2. Re:It's not just Chrome by FatdogHaiku · · Score: 4, Funny

      It's 2015 and browsers are not properly sanitizing the URL bar?

      That's why I'm waiting for the Lysol® browser...
      *Lysol® Browser does not sanitize the keyboard or mouse! :-(

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    3. Re:It's not just Chrome by beelsebob · · Score: 4, Insightful

      You mean "It's 2015 and developers still introduce bugs"... and frankly... no fucking shit. Yes, coding is hard. Every time you change code (and I'm sure the URL bar parsing code changes pretty regularly) you stand a chance of introducing a bug.

    4. Re:It's not just Chrome by bondsbw · · Score: 4, Insightful

      And this is one reason it is so insensible when highly skilled software developers get worried over this idea that everyone is going to get some programming background.

      As soon as it hits the fan--and it will--they'll need someone to fix it. And in many cases it will happen over and over and over again, and push costs higher than just hiring someone to do it right to begin with.

      I'm not worried.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    5. Re:It's not just Chrome by fustakrakich · · Score: 4, Funny

      Every time you change code... you stand a chance of introducing a bug.

      Maybe the code doesn't want to change...

      --
      “He’s not deformed, he’s just drunk!”
    6. Re:It's not just Chrome by pack27 · · Score: 2

      It doesn't just share Blink; Opera is based completely off of the Chromium source code.

      --
      Arch Linux master race!
    7. Re:It's not just Chrome by alvinrod · · Score: 3, Insightful

      They probably do have some regression tests, but who would have written a unit test for an address with 16 characters in it? Some bugs are just so weird that no one even thinks to test for them.

    8. Re:It's not just Chrome by beelsebob · · Score: 2

      In order for a regression test to catch a bug, you need to have either 1) predicted that that bug might occur, and written a test for it, or 2) encountered the bug before and written a test for it.

      You can't magically have tests that cover every possible scenario.

    9. Re:It's not just Chrome by beelsebob · · Score: 2

      There are testing techniques that don't require you to test every possible scenario, but, in lack of a simpler term, every independent code condition.

      100% code coverage does not imply that you have 100% coverage of the possible outcomes, for example:

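      // Returns the int that x points to; undefined behaviour if x is NULL or dangling.
      int dereference(int *x) {
              return *x;
      }

      // Executes every line of dereference(), but only ever with a valid pointer.
      void testDereference() {
              int x = 5;
              testFrameworkAssertTrue(dereference(&x) == 5);
      }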

      This test provides 100% code coverage, but the code will still have undefined behaviour in a whole lot of cases.

      The number of people on the internet who think that testing is a substitute for proof and/or that it can magically eliminate all bugs is pretty terrifying.

    10. Re:It's not just Chrome by Crispy+Critters · · Score: 2

      URL bar input seems like an obvious place to do fuzz testing. Just throw random stuff at it as fast as you can, and wait for a crash.

    11. Re:It's not just Chrome by lucm · · Score: 2

      The number of people on the internet who think that testing is a substitute for proof and/or that it can magically eliminate all bugs is pretty terrifying.

      True. Tests will tell you if something doesn't work, not if it does work.

      Automated tests are overrated anyways, they are more like a spell-check than a writing aid. I'd rather have a roomful of nonchalant, untrained users and unleash them on my product than trust the outcome of a series of tests written by biased developers.

      --
      lucm, indeed.
    12. Re:It's not just Chrome by Kjella · · Score: 4, Insightful

      True. Tests will tell you if something doesn't work, not if it does work. Automated tests are overrated anyways, they are more like a spell-check than a writing aid. I'd rather have a roomful of nonchalant, untrained users and unleash them on my product than trust the outcome of a series of tests written by biased developers.

      I think you've fundamentally misunderstood the purpose and function of tests. If I realized this code would break in some corner case, I would have handled it. No developer would write code that fails his own tests. Granted, sometimes the process of writing tests aids your understanding but in that case you'd improve the code. That is true even for test-driven design, if you don't fully understand all the conditions that need testing, the test will be flawed or incomplete and the code too. The primary function is to prevent existing, working test cases from breaking by accident. Because let's face it, we're imperfect beings working on imperfect code and I've managed to break my own code plenty of times without realizing it, not to speak of someone else's work. Or we're mashing up modules in a new way using them in ways they were never meant to work, testing is also about verifying assumptions. Also by "work" I mean defined behavior, like if you divide by zero it's not supposed to work but it's supposed to fail in a controlled way. Testing is supposed to preserve behavior when the implementation changes. If it was never planned and tested behavior in the first place, well you're going to find out it changed the hard way.

      --
      Live today, because you never know what tomorrow brings
    13. Re:It's not just Chrome by lucm · · Score: 2

      I'm sorry, I was unable to read your entire paragraph because of my policy on giving up early on boring stuff but from the few sentences I've managed to handle it seems to me that you're the kind of biased developer whose tests I would trust less than a roomful of nonchalant, untrained users.

      Automated tests are truly like spell-check. They are there to catch the easy stuff, not to prevent you from writing stupid things.

      I'm fairly confident that people working on Chrome have all the bells and whistles in terms of automated tests, but see, it takes a bored (or hostile) user to figure out that typing a specific series of keys in the address bar could break the browser. Because it's stupid and completely beyond the point of the address bar. In my opinion the desired behavior of the browser in such situation is irrelevant.

      --
      lucm, indeed.
  2. @Midnight by Macdude · · Score: 2

    New @Midnight game:

    Crash a Browser in 16 Characters

    --
    "Grab them by the pussy" -- President of the United States of America
  3. Chromium 45.0.2454.93 Crashes by behrooz0az · · Score: 4, Informative

    [6918:6918:0919/221732:FATAL:navigation_controller_impl.cc(927)] Check failed: active_entry->site_instance() == rfh->GetSiteInstance().
    Doesn't crash if the URL is passed as an argument. Just opens up about:blank (not default behavior)
    4.1.6-1-ARCH x86_64 GNU/Linux

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
  4. Re:Didn't crash... by monkeyhybrid · · Score: 2

    To try it yourself, fire up Chrome 45 (the latest stable version) or older [...]

  5. Interesting by hcs_$reboot · · Score: 2

    creating a link this crashes and hovering the mouse over it crashes!
    It seems it's the %%30%30 which causes that (this should be unescaped as "%300").

    --
    Slashdot, fix the reply notifications... You won't get away with it...
    1. Re:Interesting by Chris+Mattern · · Score: 3, Informative

      Actually, it should be unescaped to %00.

    2. Re:Interesting by hcs_$reboot · · Score: 2

      Correct, JavaScript doesn't unescape '%%'=>'%'...

      --
      Slashdot, fix the reply notifications... You won't get away with it...
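
The decoding discussed in the comments above (`%%30%30` becoming `%00`), as an added JavaScript example that is not part of any comment and is not Chromium's code. It decodes an input repeatedly until it stops changing and flags strings that need more than one pass or that end up containing control characters; the names `percentDecodeOnce` and `analyzeEncoding` and the reject policy are assumptions made for illustration.

```javascript
// Added example (not from the thread or from Chromium).
// One lenient percent-decoding pass: valid %XX escapes become characters,
// malformed ones such as the leading "%" of "%%30" are left as they are.
function percentDecodeOnce(input) {
  return input.replace(/%([0-9A-Fa-f]{2})/g, (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

// Decode repeatedly until the string stops changing, then report how many
// passes that took and whether control characters (NUL included) appeared.
// Policy (assumption): more than one pass, or any control character, is rejected.
function analyzeEncoding(input, maxPasses = 8) {
  let current = input;
  let passes = 0;
  while (passes < maxPasses) {
    const next = percentDecodeOnce(current);
    if (next === current) break;
    current = next;
    passes += 1;
  }
  const hasControl = /[\u0000-\u001f\u007f]/.test(current);
  const stable = percentDecodeOnce(current) === current;
  const nested = passes > 1;
  return {
    passes,
    nested,
    hasControl,
    stable,
    verdict: !stable || nested || hasControl ? "reject" : "accept",
  };
}

// Constructed sample inputs: two strings quoted in the thread plus ordinary ones.
const samples = ["%%30%30", "/a/%2500", "hello%20world", "100%"];
for (const sample of samples) {
  const result = analyzeEncoding(sample);
  console.log(JSON.stringify(sample), "->", result.passes, "pass(es),", result.verdict);
}
```

A component that decodes once and hands the result to another component that decodes again sees a different string at each layer; checking for a fixed point at the boundary makes that mismatch visible before the value is used.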
  6. Inconsiderate fool! by mspohr · · Score: 2, Funny

    I type //a/%%30%30 all the time! (It's the combination to my luggage)

    --
    I don't read your sig. Why are you reading mine?
  7. Re:Didn't crash... by Anonymous Coward · · Score: 5, Funny

    Sure... the older something is, the higher its age... so Chrome 44 is younger than Chrome 45.

  8. Re:Not if it's old enough. by sims+2 · · Score: 2

    Chrome 26, Windows xp.
    URL does not crash browser but hovering over link does crash tab.

    --
    Minimum threshold fixed. Thanks!
  9. Not the URL bar, but the search page? by Chas · · Score: 2

    Okay, put //a/%%30%30 in the URL bar. Didn't crash anything.

    Put it in the search box on the default search page and it puked immediately.

    45.0.2454.93

    --


    Chas - The one, the only.
    THANK GOD!!!
  10. Re:Many eyes... by Falos · · Score: 2

    I do have to appreciate a rousing game of Troll Solitaire.

  11. Tried it on Internet Explorer by JustAnotherOldGuy · · Score: 4, Funny

    I tried it on Internet Explorer and not only did the browser crash, it billed me for $299.95. Also, every site I browse now appears to be Russian porn.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  12. Does not crash Chromium by Anonymous Coward · · Score: 2, Informative

    According to TFS, it should work on v45 and older. It does not crash Chromium. I entered "http: //a/%%30%30" (without the quotes) then "http://a/%%30%30" (without the quotes) into the address bar, and it just took me to the Startpage web search in both cases (as it should). FWIW, I'm using Chromium Version 44.0.2403.89 Ubuntu 14.04 (64-bit), on Xubuntu 14.04.

    1. Re:Does not crash Chromium by bbruun · · Score: 2
      Same here on 44.0.2403.155 (64bit).
      Using the http://a/%2500 version just brings up a blank page and using just //a/%%30%30 brings up an unknown file page

      I'm frustrated, has /. become a text version of bad tumblr GIFs?

  13. I got the golden ticket by goombah99 · · Score: 5, Funny

    Mine just pulled up a website with Larry Page telling me I got the golden ticket and am invited to tour the Google Chocolate Factory with my uncle Joe.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  14. Not another a300 crash by goombah99 · · Score: 2

    There's a very long record of a300 (== a%%30%30) crashes dating back to 1983. https://en.wikipedia.org/wiki/...

    --
    Some drink at the fountain of knowledge. Others just gargle.
  15. Gee, I tried a 16-character URL and it worked fine by Guy+Harris · · Score: 3, Informative

    Typing in a 16-character link and hitting enter, clicking on a 16-character link, or even just putting your cursor over a 16-character link, will crash Google's browser.

    Gee, I typed in http://sonic.com and hit Enter, and it worked Just Fine.

    Perhaps they meant to say "Typing in a particular 16-character link, clicking on a particular 16-character link, or even just putting your cursor over a particular 16-character link, will crash Google's browser."

  16. Re:Firefox... by 93+Escort+Wagon · · Score: 2

    ...just rewrites the url.

    ... to something more politically correct, no doubt.

    --
    #DeleteChrome
  17. Re:Firefox... by JMJimmy · · Score: 2

    If you consider http://www./ a.com/ politically correct... just some legacy code that rewrites unknown URLs to some of the more common TLDs (.com, .org, etc) in an attempt to find a valid URL that matches. Actually a really crappy thing to do as you can use domains of common base folder names like images.com to pick up traffic from incorrect links so //images/whatever.jpg becomes images.com/whatever.jpg... anyone who clicks that link will end up on the wrong site. It has some great potential for some casual phishing.

  18. Incognito Mode by Pikoro · · Score: 2

    Copying and pasting the URL into incognito mode will crash all Chrome processes, not just the new window. Interesting.

    --
    "Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"