Crash in brave_news::parse_feed_string #26604
Labels
bug
crash
feature/brave-news
formerly brave-today
OS/Android
Fixes related to Android browser functionality
OS/Desktop
QA Pass - Android ARM
QA Pass - Android Tab
QA Pass-macOS
QA/Test-Plan-Specified
QA/Yes
release-notes/include
rillian added OS/Android, OS/Desktop, QA/Yes labels Nov 7, 2022
I filed an upstream PR with a quick fix. If upstream can't respond quickly, we should switch to a fork. Other mitigations:
rillian added a commit to brave/brave-core that referenced this issue Nov 21, 2022
Bump this dependency of the feed parser used by Brave News to avoid an array index out of bounds panic when an rss field had an angle bracket near the end. Some transitive dependencies are also updated. Resolves brave/brave-browser#26604
The above requires |
Verified

| Brave | 1.47.123 Chromium: 108.0.5359.99 (Official Build) beta (x86_64) |
|---|---|
| Revision | 410951fc34bb4b2cbf182231f9f779efaafaf682-refs/branch-heads/5359_71@{#9} |
| OS | macOS Version 13.1 (Build 22C65) |
Steps:
- installed `1.47.123`
- launched Brave
- opened a new-tab window
- clicked `Customize`
- clicked `Brave News`
- clicked `Turn on Brave News`
- pasted `https://gist.github.com/rillian/4848ee54e73890a3cbd37545c7517fd1/raw/3c0994323049b7578e5362c7a60608cb7b19202a/gistfile1.txt` into the search textfield and pressed `return`
- clicked `Get feeds from ...`
- under `Sources`, clicked on `Follow` on `The Hacker News`
- exited the dialog
- checked my Brave News feed

Confirmed no crash, I was able to add `The Hacker News` feed to Brave News, and viewed an article
stephendonner added crash, bug, feature/brave-news, QA/Test-Plan-Specified, QA Pass-macOS labels Dec 11, 2022
Verified on
Test Plan:
|
This was referenced Jan 12, 2023
Description
User reported a crash in `brave_news::parse_feed_string`. Investigation traced it to the presence of the character sequence `<!` at the end of the `description` body in this rss feed.

The voca_rs library used by our feed parser uses unchecked lookahead when stripping tags and fails a bounds-check when passed this text after entity substitution.
Steps to Reproduce
`<!` at the end of the title or description field
Actual result:
Crash is observed
Expected result:
Data should be handled gracefully.
Reproduces how often:
100% reproducible with the reduced unit testcase I wrote. The live feed from the original report will likely change soon and may stop triggering the issue.
Desktop Brave version:
Initially reported in Nightly 1.47.42
Version/Channel Information:
Other Additional Information:
Miscellaneous Information:
Filed a-merezhanyi/voca_rs#21 for the upstream issue.
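The failure mode described in this issue, as an added Rust example that is not code from voca_rs or brave-core: a simplified tag stripper showing an unchecked lookahead that indexes past the end when input ends in `<!`, next to a bounds-checked version. All function names and the sample string are constructed for illustration.

```rust
// Added illustration: a simplified tag stripper, NOT voca_rs's implementation.

/// Unchecked lookahead: after '<' at index i, tests for "<!--" by direct
/// indexing. Panics (index out of bounds) when "<" or "<!" ends the input.
#[allow(dead_code)]
fn is_comment_open_unchecked(chars: &[char], i: usize) -> bool {
    chars[i + 1] == '!' && chars[i + 2] == '-' && chars[i + 3] == '-'
}

/// Checked lookahead: slice::get returns None for a range that runs past
/// the end, so a truncated "<!" is simply "not a comment".
fn is_comment_open_checked(chars: &[char], i: usize) -> bool {
    chars.get(i + 1..i + 4) == Some(&['!', '-', '-'][..])
}

/// Removes `<...>` tags and `<!-- ... -->` comments. An unterminated tag or
/// comment at the end of the input is dropped instead of being read past.
fn strip_tags(input: &str) -> String {
    let chars: Vec<char> = input.chars().collect();
    let mut out = String::with_capacity(input.len());
    let mut i = 0;
    while i < chars.len() {
        if chars[i] != '<' {
            out.push(chars[i]);
            i += 1;
        } else if is_comment_open_checked(&chars, i) {
            i += 4; // skip "<!--", then scan for the closing "-->"
            while i < chars.len()
                && !(chars[i] == '>' && chars[i - 1] == '-' && chars[i - 2] == '-')
            {
                i += 1;
            }
            i += 1;
        } else {
            // Ordinary tag: skip to the matching '>' or to end of input.
            while i < chars.len() && chars[i] != '>' {
                i += 1;
            }
            i += 1;
        }
    }
    out
}

fn main() {
    // Constructed sample: a description that ends in "<!" once the feed's
    // entities have been substituted.
    println!("{:?}", strip_tags("<p>Read more</p> <!"));
}
```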