
Issue 905530 link


Issue metadata

Status: Fixed
Owner:
Closed: Nov 16
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




DevTools: Runtime.evaluate crashes browser if some unicode characters are presented

Project Member Reported by kozy@chromium.org, Nov 15

Issue description

Chrome Version: 70.0.3538.77
OS: Linux

What steps will reproduce the problem?
(0) mkdir repro && cd repro && npm init -y
(1) npm install puppeteer
(2) run following script:

const puppeteer = require('puppeteer');
(async function() {
  const b = await puppeteer.launch();
  const p = await b.newPage();
  try {
    // U+FFFF (String.fromCharCode(65535)) is the trigger: Runtime.evaluate should
    // reject with a JavaScript exception, but the browser process crashes instead.
    await p.evaluate(String.fromCharCode(65535));
  } catch (e) {
    console.log('evaluate rejected:', e.message);
  }
  await b.close();
})();

What is the expected result?
JavaScript exception, the same as if we call eval(String.fromCharCode(65535)) in console.

What happens instead?
Browser crashes.

You can actually use any Unicode code point from the ranges:
64976 - 65007, 65534, 65535

Cc: alph@chromium.org
Cc: -alph@chromium.org caseq@chromium.org
Owner: alph@chromium.org
Status: Fixed (was: Assigned)
Fixed in ToT with https://chromium-review.googlesource.com/c/chromium/src/+/1316748
It was crashing at https://cs.chromium.org/chromium/src/content/browser/devtools/devtools_session.cc?sq=package:chromium&g=0&l=141
as there was no check that parsed_message is not null.
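The shape of the bug in the comment above, as an added illustration and not Chromium's code: a protocol message arrives from the client, the parser returns null for input it will not accept, and the dispatcher uses the result without checking it. The model parser below is a constructed stand-in (ParsedMessage, ParseMessage, DispatchUnchecked and DispatchChecked are hypothetical names); it rejects the code point ranges the report lists, 64976-65007 (U+FDD0..U+FDEF), 65534 and 65535, which are Unicode noncharacters, and the two dispatch functions show the crashing form next to the null-checked one.

```cpp
#include <cstdint>
#include <memory>
#include <string>

// Constructed stand-in for a parsed DevTools protocol message; not Chromium's
// protocol::DictionaryValue, only a model of "parser output, or null on failure".
struct ParsedMessage {
  std::string raw;
};

enum class DispatchResult { kDispatched, kRejectedUnparseable };

// Decodes one UTF-8 sequence starting at s[i]; advances i and writes the code
// point. Returns false on a malformed sequence. Minimal on purpose: it checks
// lead/continuation byte shapes, not every overlong or surrogate case.
static bool DecodeOne(const std::string& s, size_t& i, uint32_t& cp) {
  unsigned char b = static_cast<unsigned char>(s[i]);
  size_t len;
  if (b < 0x80) { cp = b; len = 1; }
  else if (b >= 0xC2 && b <= 0xDF) { cp = b & 0x1F; len = 2; }
  else if (b >= 0xE0 && b <= 0xEF) { cp = b & 0x0F; len = 3; }
  else if (b >= 0xF0 && b <= 0xF4) { cp = b & 0x07; len = 4; }
  else return false;
  if (i + len > s.size()) return false;
  for (size_t k = 1; k < len; ++k) {
    unsigned char c = static_cast<unsigned char>(s[i + k]);
    if ((c & 0xC0) != 0x80) return false;
    cp = (cp << 6) | (c & 0x3F);
  }
  i += len;
  return true;
}

// True for the code points the report lists: U+FDD0..U+FDEF (64976-65007),
// U+FFFE (65534) and U+FFFF (65535), all Unicode noncharacters.
bool IsRejectedCodePoint(uint32_t cp) {
  return (cp >= 0xFDD0 && cp <= 0xFDEF) || cp == 0xFFFE || cp == 0xFFFF;
}

// Model parser: returns nullptr (a failed parse) when the message is not valid
// UTF-8, contains a rejected code point, or is not shaped like a JSON object.
std::unique_ptr<ParsedMessage> ParseMessage(const std::string& message) {
  if (message.empty() || message.front() != '{' || message.back() != '}')
    return nullptr;
  size_t i = 0;
  while (i < message.size()) {
    uint32_t cp = 0;
    if (!DecodeOne(message, i, cp) || IsRejectedCodePoint(cp)) return nullptr;
  }
  auto parsed = std::make_unique<ParsedMessage>();
  parsed->raw = message;
  return parsed;
}

// Shape of the bug: the parser result is used with no null check, so a message
// the parser rejects dereferences nullptr and the whole browser process dies.
// Only call this with input the parser accepts.
size_t DispatchUnchecked(const std::string& message) {
  std::unique_ptr<ParsedMessage> parsed_message = ParseMessage(message);
  return parsed_message->raw.size();  // nullptr dereference on a rejected message
}

// Hardened form: a failed parse is an ordinary protocol error reported to the
// caller, which is what Runtime.evaluate with bad input should produce.
DispatchResult DispatchChecked(const std::string& message) {
  std::unique_ptr<ParsedMessage> parsed_message = ParseMessage(message);
  if (!parsed_message) return DispatchResult::kRejectedUnparseable;
  return DispatchResult::kDispatched;
}

int main() {
  // Constructed sample messages. "\xEF\xBF\xBF" is U+FFFF encoded as UTF-8,
  // i.e. the String.fromCharCode(65535) argument from the repro on the wire.
  const std::string good =
      "{\"id\":1,\"method\":\"Runtime.evaluate\",\"params\":{\"expression\":\"1+1\"}}";
  const std::string bad =
      "{\"id\":1,\"method\":\"Runtime.evaluate\",\"params\":{\"expression\":\"\xEF\xBF\xBF\"}}";
  bool ok = DispatchChecked(good) == DispatchResult::kDispatched &&
            DispatchChecked(bad) == DispatchResult::kRejectedUnparseable;
  return ok ? 0 : 1;
}
```

The difference between the two dispatchers is one line, which is what the linked fix amounts to: treat a null parse result as a client error on the session, never as a precondition the caller may assume.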
