Security: Chrome crashes after 500 thousand lines to a few million lines of malformed url strings
Reported by
kingz...@gmail.com,
Jan 16 2017
Issue description

VULNERABILITY DETAILS
Please provide a brief explanation of the security issue.

VERSION
Chrome Version: Version 55.0.2883.87 m stable
Operating System: Windows 10 Home

REPRODUCTION CASE
When a user provides a malformed string, such as http://example.com//example.com/, and repeats it for 500 thousand characters or more, the Chrome browser hangs and then Chrome shuts down completely, killing all of its processes, and is unable to restore the previous tabs when it is restarted. This attack does not work if the website has Cloudflare, since they blocked it after we tested it too many times. Also, certain server configurations refuse to accept the malformed URL, but after one million characters the site will either lead to the browser crashing or stop responding. If it stops responding and gives no error, then a few more million lines should make the browser crash. We have reproduced this bug multiple times. We were going to try and gain control of memory, but your rules say to report early instead of later. If you have any questions or need help reproducing, since example.com may not reproduce the issue, we will be happy to assist, and if we can find the area that has the flaw we will see if we can write a patch as well.

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: Chrome, any tab, requires interaction with a server unless it freezes because there is too much text in the browser URL address.
Crash State:
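The report notes that some server configurations refuse the overlong, repetitive URL while others pass it through. The following is an added example of the kind of server-side request-target check that produces that refusal; it is not Chromium code and not anything the reporter posted. The length cap (8192) and the repeat threshold (100) are assumed values chosen to resemble common web-server defaults, and build_sample only constructs test input shaped like the report's http://example.com//example.com/ pattern.

```python
from collections import Counter
from urllib.parse import urlsplit

# Assumed limits, not taken from the report: many HTTP servers cap the request
# line at a few KiB, and a path made of one segment repeated this often is
# flagged as malformed rather than forwarded to a browser-facing redirect.
MAX_URL_LEN = 8192
REPEAT_THRESHOLD = 100


def classify_url(url: str, max_len: int = MAX_URL_LEN,
                 repeat_threshold: int = REPEAT_THRESHOLD) -> dict:
    """Return a verdict dict for one request URL.

    Mirrors the two server-side reactions the report describes: an outright
    refusal of an overlong request target (HTTP 414 in practice) and, below
    that size, a rejection of paths built from a single repeated segment.
    """
    verdict = {
        "length": len(url),
        "status": 200,
        "reason": "ok",
        "top_segment": None,
        "top_count": 0,
    }
    # Length check first: do not even parse a request target that is too long.
    if len(url) > max_len:
        verdict.update(status=414, reason="request target too long")
        return verdict

    path = urlsplit(url).path
    segments = [s for s in path.split("/") if s]  # drop empties from '//'
    if segments:
        segment, count = Counter(segments).most_common(1)[0]
        verdict.update(top_segment=segment, top_count=count)
        if count >= repeat_threshold:
            verdict.update(status=400, reason="repetitive path")
    return verdict


def build_sample(repeats: int) -> str:
    """Constructed test input in the shape of the report's example string."""
    return "http://example.com" + "/example.com" * repeats + "/"


if __name__ == "__main__":
    for n in (5, 200, 1000):
        print(n, classify_url(build_sample(n)))
```

A rejected request never reaches the redirect or error page that would hand the long string back to the browser, which is the point of doing the check at the edge rather than relying on the client.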
Jan 17 2017
Yes I will. As noted some servers have proper protection against malformed urls that the browser can't parse, others do not. I will find a domain without proper protection to test on.
Jan 17 2017
There are several ways to hang a browser and this is not in security threat model. https://www.chromium.org/Home/chromium-security/security-faq#TOC-Are-denial-of-service-issues-considered-security-bugs-
Jan 17 2017
I am aware of your denial of service rules and wouldn't be filing this if it didn't actually crash, not just a denial of service. If you aren't interested I'll stop reporting on this thread.
Apr 25 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by kerrnel@chromium.org, Jan 17 2017