Custom chrome URL crashes browsers.. but why?

So, if you've been listening to the news lately I'm sure you've heard of this new Chrome trick, well, if you haven't, there's a new URL that immediately crashes chrome on just highlighting the text. It affects Windows, Linux, and Mac OS X versions of Chrome. It doesn't affect the Android versions of Chrome, though. It also affects Chrome-based web browsers like Opera.

The link is:

http://a/%%30%30

With a malicious script you can inject this into your web page, and crash anybody who runs Chrome and Chrome-based browsers, which isn't too unlikely. Chrome is the most used web browser in the world.

You don't even have to click on it. You just hover over it, and it crashes immediately. Here is a GIF animation of what happens when you hover over it, and what happens when you click it.

But why does it crash Chrome?

Well, it's actually a very simple answer, and we will break down the URL. 

The "%30%30" at the end of the url is being converted to . The reason for this is simply because 0x30 is the ASCII code for 0. The %30%30 then becomes a string of characters; the original '%', the converted 0, and the original 0. So this URL becomes ％00, which makes it a "NULL" byte. So basically what this url does is stick a NULL byyte at the end of a web address. So, that is why Chrome crashes.

It's not malicious or something that could cause irreversible damage, but its still cool to see it. :)