A bug in Google’s Chrome browser causes it to crash when clicking on or mousing over a 16-character text string placed on a web page.
Clicking on or mousing over the phrase “http://a/%%30%30” (without the quote marks) when it is a link, or entering the string into the address bar and pressing Enter, causes either the current Chrome tab to crash or the whole browser, taking any work currently in progress with it.
The simple web URL bug was discovered by Andris Atteka, a security researcher from Latvia, and reported to Google on 18 September. Placing null characters, in this case %%30%30 or similar at the end of the URL causes Chrome to instantly choke through a series of attempts to rationalise the web address.
The bug affects the current release version of Chrome on Windows and OS X, but does not affect Chrome on Android devices in the Guardian’s testing, which instead simply fails to load the URL. Several reports indicate that the bug affects Android Web view – the version of Chrome that operates as part of Android to provide third-party apps such as Twitter, Facebook and others with an integrated web browser.
Chromium developers fixed the issue in the latest revision of the open-source base for Google’s Chrome today, but the fix will take time to migrate through the developer and beta builds to the most popular “stable” version of Chrome considered a full release.
While Chrome can recover lost tabs on restarting, any text or other work entered into boxes that has not been saved will likely be lost.
The bug, with a sting of text being able to cause a crash, is reminiscent of the iPhone “Effective Power” bug found earlier this year which could be used to crash iPhones by sending a message.
guardian.co.uk © Guardian News and Media Limited 2010