Browser Crash on text copy with Symantec and EMET
Reported by
shtyc...@gmail.com,
Jun 8 2017
|
||||||||||||
Issue descriptionVULNERABILITY DETAILS Full Browser crash, all windows, all tabs. I don't really have time to try to escalate the crash. VERSION Chrome Version: Version 59.0.3071.86 (Official Build) (64-bit) Operating System: Windows 7 Enterprise SP1 REPRODUCTION CASE I searched for a URL encoded string "https%3A%2F%2Flpages.svb.com%2FEvent-TheAiPoweredEnterprise_VCs_MainLandingPage.html&data=01%7C01%7Cghoyem%40iqt.org%7C144ec98eac7d4a321aca08d4778230c1%7C48f0f988108345a8a724202b255cce64%7C0&sdata=skqj%2Bw53%2FXQ6pEIRs%2BoGNe0j3TcjQ9h0YklfMGTE7ls%3D&reserved=0". The search returned results. When I attempted to highlight and copy (ctrl+c not right-click) the link back out of the search field on the search results page, all four browser windows crashed together. Chrome restored properly FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION Type of crash: browser Crash State: see attached .dmp files Client ID (if relevant): n/a Problem Signature: Problem Event Name: BEX64 Application Name: chrome.exe Application Version: 59.0.3071.86 Application Timestamp 59322310 Fault Module Name: MSVCR100.dll Fault Module Version: 10.0.40219.325 Fault Module Timestamp: 4df2bcac Exception Offset: 0000000000070468 Exception Code: c0000417 Exception Data: 0000000000000000 OS Version: 6.1.7601.2.1.0.256.4 Locale ID: 1033 Additional Information 1: 9e86 Additional Information 2: 9e86c09459e38f84840238c18b57f52d Additional Information 3: 9056 Additional Information 4: 90568663b0b6b60399e96965900f6329
,
Jun 8 2017
Is your browser configured to report crashes to Google? If so, can you open chrome://crashes and update this report with the "Uploaded Crash Report ID"?
,
Jun 8 2017
I enabled crash reporting, and crashed Chrome again. Unfortunately none of these crashes are showing up in chrome://crashes.
,
Jun 8 2017
The first DMP file: DEFAULT_BUCKET_ID: NULL_POINTER_READ_IN_CALL LAST_CONTROL_TRANSFER: from 0000000072b204f6 to 0000000072b20468 STACK_TEXT: 00000000`0032e5f0 00000000`72b204f6 : 0000e07a`238bf884 00000000`ea5fc0f2 00000000`0032e708 00000000`72ad20da : msvcr100!_invoke_watson+0x18 00000000`0032e620 00000000`72b20519 : 00000000`00000022 00000000`0032ebe9 00000000`000032b0 00000000`00000000 : msvcr100!_invalid_parameter+0x6e 00000000`0032e660 00000000`72ae69d8 : 0000e07a`238bfb04 00000000`00000000 000007fe`f1ae1470 00000000`000032b0 : msvcr100!_invalid_parameter_noinfo+0x19 00000000`0032e6a0 000007fe`f1a8305d : 00000000`0032ebb0 00000000`00000000 00000000`00000000 00000000`00000101 : msvcr100!wcscpy_s+0x30 00000000`0032e6d0 00000000`0032ebb0 : 00000000`00000000 00000000`00000000 00000000`00000101 00000000`00000000 : clpbm64+0x305d 00000000`0032e6d8 00000000`00000000 : 00000000`00000000 00000000`00000101 00000000`00000000 00000000`000000aa : 0x32ebb0 clpbm64.dll appears to be a Symantec module injected into the process (http://www.shouldiremoveit.com/NYL-AgentInstall64-69207-program.aspx), which calls an API in the runtime library with an illegal parameter. The dump also shows that EMET is installed, which historically has exhibited some level of compatibility problems with Chrome, although this doesn't look like one of them.
,
Jun 8 2017
wfh@, question: How do we normally handle crashes due to AV in the security queue?
,
Jun 9 2017
,
Jun 9 2017
,
Jun 13 2017
Kicking into stability queue
,
Jun 20 2017
Tested this issue on on Windows-7 using chrome latest stable #59.0.3071.104 & canary #61.0.3115.4 by following steps : 1.Searched for a URL encoded string "https%3A%2F%2Flpages.svb.com%2FEvent-TheAiPoweredEnterprise_VCs_MainLandingPage.html&data=01%7C01%7Cghoyem%40iqt.org%7C144ec98eac7d4a321aca08d4778230c1%7C48f0f988108345a8a724202b255cce64%7C0&sdata=skqj%2Bw53%2FXQ6pEIRs%2BoGNe0j3TcjQ9h0YklfMGTE7ls%3D&reserved=0". The search returned results. 2. Highlighted and copy (Using ctrl+c only) the link back out of the search field on the search results page and did not observe any Crash shtychkn@:Please find the screencast and let us know if anything missed here to reproduce the issue. Thanks..!!
,
Jun 20 2017
mmanchala: I was just able to reproduce it in Version 59.0.3071.104 (Official Build) (64-bit) The versions of software possibly involved: Symantec DLP 14.5.0.24028 Symantec EndPoint 12.1.7004.6500 EMET 5.5
,
Jun 20 2017
Thank you for providing more feedback. Adding requester "mmanchala@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 27 2017
Unable to reproduce the issue on Windows-7 using chrome latest stable #59.0.3071.104 & canary #61.0.3141.0 by following steps : 1.Searched for a URL encoded string "https%3A%2F%2Flpages.svb.com%2FEvent-TheAiPoweredEnterprise_VCs_MainLandingPage.html&data=01%7C01%7Cghoyem%40iqt.org%7C144ec98eac7d4a321aca08d4778230c1%7C48f0f988108345a8a724202b255cce64%7C0&sdata=skqj%2Bw53%2FXQ6pEIRs%2BoGNe0j3TcjQ9h0YklfMGTE7ls%3D&reserved=0" >> search returned results. 2. Highlighted and copied (Using ctrl+c only) the link back out of the search field on the search results page and did not observe any Crash shtychkn@:Please find the attached screencast and let us know if anything missed here to reproduce the issue. Thanks..!!
,
Jun 27 2017
It looks like you covered it. It must be caused by another piece of software that is installed on the system.
,
Jun 27 2017
Thank you for providing more feedback. Adding requester "rkalavakuntla@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 27 2017
Re #12: To be clear, did you have EMET and Symantec products installed when you confirmed that this didn't repro?
,
Jul 6 2017
I'm sorry, was that question for me or rkalavakuntla
,
Jul 7 2017
@elawerence: Yes, I have products installed while confirming.. The versions of software involved: Symantec DLP 14.5.0.24028 Symantec EndPoint 12.1.7004.6500 EMET 5.5
,
Sep 26 2017
elawrence@ your query has answered in comment #17, Could you look into it and update the latest info.
,
Oct 3 2017
Unfortunately, I don't think there's anything actionable for the Chrome team here, as the crashing code appears to be in the third-party Symantec product. |
||||||||||||
►
Sign in to add a comment |
||||||||||||
Comment 1 by shtyc...@gmail.com
, Jun 8 2017