Undefined-shift in CPDF_MeshStream::Load
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6117475280486400

Fuzzer: tokenfuzz_pdf_march16
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  CPDF_MeshStream::Load
  CPDF_RenderStatus::DrawShading
  CPDF_RenderStatus::DrawShadingPattern

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370003:370058

Minimized Testcase (30.72 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97gFzLOl5OTSR2QFjtaUKsKBaHBnns0aQhDlWfRggFniXJQVkHKhQ8DhBtmeoPRBHZzW5hJJlagVdJublBgR7gAHvc45UXklGa5Su3-fhZohR0JO_Dln_X0m2dpXxWhccb98NM9hz7yw4450SJt9TnFNwZU3pi783VubT3807ICfA98v6A

Filer: ivancic

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
May 31 2016
https://codereview.chromium.org/2022263003
Jun 2 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0191740cd56ba9de20ca1add6964d6b9023fd555

commit 0191740cd56ba9de20ca1add6964d6b9023fd555
Author: ochang <ochang@chromium.org>
Date: Thu Jun 02 05:46:03 2016

Roll PDFium d23df55..c324646

https://pdfium.googlesource.com/pdfium.git/+log/d23df55..c324646

BUG=616248, 427616, 613623, 616246, 613607
TBR=thestig@chromium.org

Review-Url: https://codereview.chromium.org/2034443002
Cr-Commit-Position: refs/heads/master@{#397297}

[modify] https://crrev.com/0191740cd56ba9de20ca1add6964d6b9023fd555/DEPS
Jun 3 2016
ClusterFuzz has detected this issue as fixed in range 397239:397396.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6117475280486400

Fuzzer: tokenfuzz_pdf_march16
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  CPDF_MeshStream::Load
  CPDF_RenderStatus::DrawShading
  CPDF_RenderStatus::DrawShadingPattern

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370003:370058
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=397239:397396

Minimized Testcase (30.72 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97gFzLOl5OTSR2QFjtaUKsKBaHBnns0aQhDlWfRggFniXJQVkHKhQ8DhBtmeoPRBHZzW5hJJlagVdJublBgR7gAHvc45UXklGa5Su3-fhZohR0JO_Dln_X0m2dpXxWhccb98NM9hz7yw4450SJt9TnFNwZU3pi783VubT3807ICfA98v6A

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jun 7 2016
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage

- Your friendly Sheriffbot
Comment 1 by thestig@chromium.org, May 31 2016