Hi,

On Sun, Oct 13, 2024 at 09:23:33PM +0200, a1ex@dismail.de wrote:
> Rodrigo Arias <rodarima@gmail.com> wrote:
> > One thing that may be easy to try in the meanwhile is to run the same test from a local HTTP server, so we don't use the file: DPI. If the bug persists, then it is not related to the file DPI. You can use a lightweight web server like darkhttpd.
>
> When opening the test page with the file dpi, the issue is very easy to trigger.
> When using a local webserver as you suggested, it doesn't seem to happen...
> However, for example when refreshing the site: https://www.da.vidbuchanan.co.uk/blog/dram-emfi.html I still see stuff like this:
>
> ** WARNING **: CCC: call on already finished chain. Flags=CCC_Aborted IO_write, closing with pending data not sent: "ntZ1uGVvMRmC5GANpBI4569aV...
>
> And eventual glitching and crash after many refreshes.
> So, I'm not sure this is actually a dpi issue, but maybe that just exposes it more.

Ah, interesting. It seems to be time sensitive then. That's probably why I'm not able to see it. Do you have a particularly fast or slow machine?

> To sum it up, I don't know shit, but guessing: A double free is leading to a buffer overrun on the chain to the data uri parser.

Yes, there is a double free, but the question is: what leads to that condition? When Dillo detects this "CCC: call on already finished chain", it should abort, as this situation should never happen.

Best,
Rodrigo.
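As an added illustration of the invariant discussed above (a call on a chain that has already finished is a condition that must be caught, not acted on), here is a small C model written for this thread. It is not Dillo's CCC code; `ccc_link`, `ccc_call`, `ccc_finish` and the error codes are hypothetical names, and it returns an error where a real implementation would abort, so the violation is observable in a test rather than touching freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical chain-link model (constructed for illustration, not Dillo's). */
enum ccc_status { CCC_OK = 0, CCC_ERR_FINISHED = 1, CCC_ERR_NULL = 2 };

typedef struct {
    int finished;       /* set once the chain has been torn down */
    char *pending;      /* bytes queued for IO_write, owned by the link */
    size_t pending_len;
} ccc_link;

ccc_link *ccc_new(const char *data)
{
    ccc_link *l = calloc(1, sizeof *l);
    if (!l) return NULL;
    l->pending_len = strlen(data);
    l->pending = malloc(l->pending_len + 1);
    if (!l->pending) { free(l); return NULL; }
    memcpy(l->pending, data, l->pending_len + 1);
    return l;
}

/* Deliver an IO_write call. After the chain finished this is an invariant
 * violation: report it and refuse, instead of using the freed buffer. */
int ccc_call(ccc_link *l)
{
    if (!l) return CCC_ERR_NULL;
    if (l->finished) {
        fprintf(stderr, "CCC: call on already finished chain\n");
        return CCC_ERR_FINISHED;
    }
    /* a real link would write l->pending here */
    return CCC_OK;
}

/* Finish the chain: release the buffer exactly once and keep the link as a
 * marked tombstone, so a second finish (a double free) is detected, not done. */
int ccc_finish(ccc_link *l)
{
    if (!l) return CCC_ERR_NULL;
    if (l->finished) {
        fprintf(stderr, "CCC: finish on already finished chain\n");
        return CCC_ERR_FINISHED;
    }
    free(l->pending);
    l->pending = NULL;
    l->pending_len = 0;
    l->finished = 1;
    return CCC_OK;
}

/* Owner releases the tombstone once no more calls can arrive. */
void ccc_destroy(ccc_link *l) { if (l) { free(l->pending); free(l); } }
```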