New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 610275 link

Starred by 0 users
Status: WontFix
Owner:
jln@chromium.org
Last visit > 30 days ago
Closed: Dec 2016
Cc:
kojii@chromium.org
dominicc@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug



Sign in to add a comment

Direct-leak in xmlStrdup

Project Member Reported by ClusterFuzz, May 9 2016 
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5587042968272896

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  xmlStrdup
  xsltParseStylesheetOutput
  xsltParseStylesheetProcess
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703

Minimized Testcase (0.68 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95Do5cOMc2pK9g5tR_wu7qImUI-6_O8tl5oiYSsscu9JR-Re4oswtgwiAJZ75jdc1L8mhiYnPzEWd9LOtlUO_J6FC__SzbSO0F1tirmy5EFWbmHp1jKXNfsPM6iBS6068YHpDm-Dr7COuCgwG4_19vOJYeAPw

Additional requirements: Requires Gestures

Filer: rnimmagadda

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by rnimmagadda@chromium.org, May 9 2016

Components: Blink>XML
Labels: findit-for-crash Te-Logged M-51
Status: Untriaged (was: Available)
Unable to find the exact culprit. 

Suspecting below, but owner is not is initial.commmit (unable to find him in the owner list)

Author: initial.commit
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/584cd5cbd7be997400ccb8db24ae5410b0b88117
Time: Sun Jul 27 00:38:33 2008
The CL last changed line 45 of file xmlstring.c, which is stack frame 1.

Comment 2 by rnimmagadda@chromium.org, May 9 2016

Labels: Needs-triage

Comment 3 by kojii@chromium.org, May 16 2016

Labels: -Pri-2 Pri-3
Status: Available (was: Untriaged)

Comment 4 by kojii@chromium.org, May 16 2016

Cc: kojii@chromium.org

Comment 5 by thestig@chromium.org, Jul 16 2016

Cc: dominicc@chromium.org
Labels: -Needs-triage -M-51

Comment 6 by mmohammad@chromium.org, Aug 31 2016

Labels: -ClusterFuzz -findit-for-crash Clusterfuzz Findit-for-crash
Owner: jln@chromium.org
Status: Assigned (was: Available)
jln@ could you please look into this.please feel free to re-assigned back if needed. thanks in advance !
Project Member

Comment 7 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 8 by ClusterFuzz, Dec 22 2016

Status: WontFix (was: Assigned)
ClusterFuzz testcase 5587042968272896 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment