Status: Fixed
Closed: Aug 2014
OS: All
Pri: 1
Type: Bug-Security
Nag
Use-of-uninitialized-value in _SetLum
Project Member Reported by ClusterFuzz, Jun 24 2014
Cc: bo...@foxitsoftware.com jun_f...@foxitsoftware.com
Labels: Cr-Internals-Plugins-PDF Security_Impact-Stable Security_Impact-Beta M-37
Owner: bo...@foxitsoftware.com
Project Member Comment 2 by ClusterFuzz, Jun 24 2014
Labels: Pri-1
Owner: jun_f...@foxitsoftware.com
I'll handle this one.
Comment 4 Deleted
Project Member Comment 5 by ClusterFuzz, Jul 1 2014
Summary: Use-of-uninitialized-value in _SetLum (was: Use-of-uninitialized-value in _ClipColor)
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6004950402334720

Uploader: inferno@chromium.org
Job Type: Linux_msan_pdfium

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  - crash stack -
  _SetLum
  _RGB_Blend
  _CompositeRow_Argb2Argb
  

Minimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97OQri79Qqrz3r3eBIfjI7t3rvBpalWlIm9TvXJ0hNislmjWHSCB-vpSbh9JWDsEbkW3c3m9ptXWclLy_Rrj7EnB8WdqAEb6AZRf9LMEtimSWxX0aGW6deUyuM7dI3PSLZViwz8ixcMYZSuxKsAvYXt-O-94Q2JavJkAillE1ByYAN55sE


Comment 6 Deleted
Project Member Comment 7 by ClusterFuzz, Jul 7 2014
Labels: Nag
Status: Assigned
jun_fang@: Uh oh! This issue is still open and hasn't been updated in the last 7 days. Since this is a serious security vulnerability, we want to make sure progress is happening. Can you update the bug with current status, and what, if anything, is blocking?

If you are not the right Owner for this bug, please find someone else to own it as soon as possible and remove yourself as Owner.

If the issue is already fixed or you are unable to reproduce it, please close the bug. (And thanks for fixing the bug!)

These nags can be disabled by adding a 'WIP' label and an optional codereview link.

- Your friendly ClusterFuzz
Seems that this issue has been fixed. I can't reproduce it now.
Project Member Comment 9 by ClusterFuzz, Jul 24 2014
jun_fang@: Uh oh! This issue is still open and hasn't been updated in the last 7 days. Since this is a serious security vulnerability, we want to make sure progress is happening. Can you update the bug with current status, and what, if anything, is blocking?

If you are not the right Owner for this bug, please find someone else to own it as soon as possible and remove yourself as Owner.

If the issue is already fixed or you are unable to reproduce it, please close the bug. (And thanks for fixing the bug!)

These nags can be disabled by adding a 'WIP' label and an optional codereview link.

- Your friendly ClusterFuzz
Project Member Comment 10 by ClusterFuzz, Jul 28 2014
Labels: -Security_Impact-Beta
Project Member Comment 11 by ClusterFuzz, Jul 29 2014
Labels: Security_Impact-Beta
Project Member Comment 12 by ClusterFuzz, Jul 29 2014
Labels: -Security_Impact-Beta
Project Member Comment 13 by ClusterFuzz, Jul 29 2014
Labels: Security_Impact-Beta
Project Member Comment 14 by ClusterFuzz, Jul 29 2014
Labels: -Security_Impact-Beta
Project Member Comment 15 by ClusterFuzz, Jul 30 2014
Labels: -Security_Impact-Stable Security_Impact-Beta
Labels: -Security_Impact-Beta Security_Impact-Stable
Project Member Comment 17 by ClusterFuzz, Aug 3 2014
jun_fang@: Uh oh! This issue is still open and hasn't been updated in the last 7 days. Since this is a serious security vulnerability, we want to make sure progress is happening. Can you update the bug with current status, and what, if anything, is blocking?

If you are not the right Owner for this bug, please find someone else to own it as soon as possible and remove yourself as Owner.

If the issue is already fixed or you are unable to reproduce it, please close the bug. (And thanks for fixing the bug!)

These nags can be disabled by adding a 'WIP' label and an optional codereview link.

- Your friendly ClusterFuzz
Status: Fixed
Seems that it has been fixed.
Project Member Comment 19 by ClusterFuzz, Aug 4 2014
ClusterFuzz has detected this issue as fixed in range 283414:283645.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6004950402334720

Uploader: inferno@chromium.org
Job Type: Linux_msan_pdfium

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  - crash stack -
  _SetLum
  _RGB_Blend
  _CompositeRow_Argb2Argb
  
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_msan_pdfium&range=283414:283645

Minimized Testcase (151.11 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97OQri79Qqrz3r3eBIfjI7t3rvBpalWlIm9TvXJ0hNislmjWHSCB-vpSbh9JWDsEbkW3c3m9ptXWclLy_Rrj7EnB8WdqAEb6AZRf9LMEtimSWxX0aGW6deUyuM7dI3PSLZViwz8ixcMYZSuxKsAvYXt-O-94Q2JavJkAillE1ByYAN55sE

If you suspect that the result above is incorrect, try re-doing that job on the testcase report page.

Project Member Comment 20 by ClusterFuzz, Aug 9 2014
Labels: -Restrict-View-SecurityTeam Merge-Triage M-36 Restrict-View-SecurityNotify
Adding Merge-Triage label for tracking purposes.

Once your fix has had sufficient bake time (on canary, dev as appropriate), please nominate your fix for merge by adding the Merge-Requested label.

When your merge is approved by the release manager, please start merging with higher milestone label first. Make sure to re-request merge for every milestone in the label list. You can get branch information on omahaproxy.appspot.com.

- Your friendly ClusterFuzz
Labels: -M-37 -Merge-Triage -M-36 Release-0-M38 Merge-NA
Fixed with something in https://pdfium.googlesource.com/pdfium/+log/532a6a7ece21ca4ea253a196bb5c61a1861d12a0..8f75c67f4e724ba44eb3d90e4033f8cc90522273?pretty=fuller we don't know.
Project Member Comment 22 by ClusterFuzz, Nov 10 2014
Labels: -Restrict-View-SecurityNotify
Bulk update: removing view restriction from closed bugs.
Project Member Comment 23 by sheriffbot@chromium.org, Oct 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member Comment 24 by sheriffbot@chromium.org, Oct 2 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: allpublic