Midori Web Browser

Bug #700004
Comment #3

Comment 3 for bug 700004

Revision history for this message

aquanaut (thecrux) wrote on 2011-02-01:

I think https://bugs.launchpad.net/midori/+bug/700068 is a duplicate of this bug

1. Try to open url mentioned in 700068 (url is saved in history)
2. Than open new tab and type word: search
when typing browser crashed

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5bb78e0 in append_escaped_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2044
2044 next = g_utf8_next_char (p);
(gdb) bt full
#0 0x00007ffff5bb88e0 in append_escaped_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2044
        next = <value optimized out>
        p = 0x3034000 <Address 0x3034000 out of bounds>
        end = 0x1eeee2e ""
        c = <value optimized out>
#1 g_markup_escape_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2120
        str = 0x23dd2a0
        __PRETTY_FUNCTION__ = "g_markup_escape_text"
#2 0x000000000044f480 in midori_location_entry_render_text_cb (layout=0x1f14bc0, renderer=0x1a2aee0, model=0x17eea10,
    iter=0x7fffffffbf00, data=0x15d9030) at ../midori/midori-locationaction.c:1160
        action = 0x15d9030
        uri_escaped = 0x1df8c00 "p\260\310\001"
        uri = 0x1eeede0 "http://search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        title = 0x284ad00 "‪TUT.BY | ПОИСК - Байнет - Книжная ярморка"
        style = 0
        desc = 0x0
        desc_uri = 0x1b2cd60 "http://<b>sear</b>"
        desc_iter = 0x1eeedeb "ch.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        temp_iter = 0x26a9f0b "ch.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        desc_title = 0x0
        str = 0x26c6a90 "sear"
        key = 0x0
        keys = 0x1cd64a0
        key_idx = 1
        start = 0x26a9f07 "search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        skey = 0x1b79f80 ""
        temp = 0x26a9f00 "http://search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        temp_concat = 0x7ffff73b3134 "\353+H\213E\350H\213@H\213U\314Hc\322H\301\342\003H\001\320H\213\bH\213U\300H\213E\360H\211\316H\211\307\350,\370\022"
        temp_markup = 0x7fffffffbd80 ""
        parts = 0x1f5a3f0
        offset = 11
#3 0x00007ffff7529fc7 in gtk_tree_view_column_cell_set_cell_data () from /usr/lib64/libgtk-x11-2.0.so.0
No symbol table info available.

After clearing of history ( delete from history where uri like '%search.tut.by%'; ) no crashes.

I think https://bugs.launchpad.net/midori/+bug/700068 is a duplicate of this bug

1. Try to open url mentioned in 700068 (url is saved in history)
2. Than open new tab and type word:  search
when typing browser crashed

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5bb78e0 in append_escaped_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2044
2044	      next = g_utf8_next_char (p);
(gdb) bt full
#0  0x00007ffff5bb88e0 in append_escaped_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2044
        next = <value optimized out>
        p = 0x3034000 <Address 0x3034000 out of bounds>
        end = 0x1eeee2e ""
        c = <value optimized out>
#1  g_markup_escape_text (text=<value optimized out>, length=<value optimized out>) at gmarkup.c:2120
        str = 0x23dd2a0
        __PRETTY_FUNCTION__ = "g_markup_escape_text"
#2  0x000000000044f480 in midori_location_entry_render_text_cb (layout=0x1f14bc0, renderer=0x1a2aee0, model=0x17eea10, 
    iter=0x7fffffffbf00, data=0x15d9030) at ../midori/midori-locationaction.c:1160
        action = 0x15d9030
        uri_escaped = 0x1df8c00 "p\260\310\001"
        uri = 0x1eeede0 "http://search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        title = 0x284ad00 "‪TUT.BY | ПОИСК - Байнет - Книжная ярморка"
        style = 0
        desc = 0x0
        desc_uri = 0x1b2cd60 "http://<b>sear</b>"
        desc_iter = 0x1eeedeb "ch.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        temp_iter = 0x26a9f0b "ch.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        desc_title = 0x0
        str = 0x26c6a90 "sear"
        key = 0x0
        keys = 0x1cd64a0
        key_idx = 1
        start = 0x26a9f07 "search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        skey = 0x1b79f80 ""
        temp = 0x26a9f00 "http://search.tut.by/?status=1&encoding=1&page=0&how=rlv&query=\312\355\350\346\355\340\377+\377\360\354\356\360\352", <incomplete sequence \340>
        temp_concat = 0x7ffff73b3134 "\353+H\213E\350H\213@H\213U\314Hc\322H\301\342\003H\001\320H\213\bH\213U\300H\213E\360H\211\316H\211\307\350,\370\022"
        temp_markup = 0x7fffffffbd80 ""
        parts = 0x1f5a3f0
        offset = 11
#3  0x00007ffff7529fc7 in gtk_tree_view_column_cell_set_cell_data () from /usr/lib64/libgtk-x11-2.0.so.0
No symbol table info available.

After clearing of history ( delete from history where uri like '%search.tut.by%'; ) no crashes.