Author: halcanary
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/223f70ac109b1a06a248852bfe2067848ac2a5f9
Time: Thu Jun 09 00:07:42 2016
Lines 180 of file pdf_metafile_skia.cc which potentially caused crash are changed in this cl (frame #5, "printing::PdfMetafileSkia::FinishDocument").
Minimum distance from crash line to modified line: 0. (file: pdf_metafile_skia.cc, crashed on: 177, modified: 177).

Suspected Project: chromium
Suspected Component: Internals>Printing

https://crrev.com/2067473003

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8dd6f024c76e6b34b93bbc985efdfad27fc90441

commit 8dd6f024c76e6b34b93bbc985efdfad27fc90441
Author: halcanary <halcanary@google.com>
Date: Mon Jun 13 19:40:23 2016

PdfMetafileSkia: don't rely on SkPicture::cullRect

BUG= 619371 

Review-Url: https://codereview.chromium.org/2062903002
Cr-Commit-Position: refs/heads/master@{#399507}

[modify] https://crrev.com/8dd6f024c76e6b34b93bbc985efdfad27fc90441/printing/pdf_metafile_skia.cc

ClusterFuzz has detected this issue as fixed in range 399504:399530.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5676342972776448

Fuzzer: ifratric_acrojs
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: UNKNOWN READ
Crash Address: 0x000000001110
Crash State:
  SkAutoCanvasMatrixPaint::SkAutoCanvasMatrixPaint
  SkCanvas::drawPicture
  printing::PdfMetafileSkia::FinishDocument
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=398731:398752
Fixed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=399504:399530

Minimized Testcase (312.51 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95gLFu3LfGjp9O03gbJVIcjBlGsOfpU1e4-qzbXwiDztkAPmXFgkYAU2Ov_3NKYGT0eEbFcmYJTSqpb6ZGN-GIogpW7TdOxNKnkL-1Jt3Mzc86w6xGkWnKYe_Jjh29lLXD5lGU56A6Pjtti-7pnCqdGWkdA17EAKNfwtvc8og94UgNmy_k

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8dd6f024c76e6b34b93bbc985efdfad27fc90441

commit 8dd6f024c76e6b34b93bbc985efdfad27fc90441
Author: halcanary <halcanary@google.com>
Date: Mon Jun 13 19:40:23 2016

PdfMetafileSkia: don't rely on SkPicture::cullRect

BUG= 619371 

Review-Url: https://codereview.chromium.org/2062903002
Cr-Commit-Position: refs/heads/master@{#399507}

[modify] https://crrev.com/8dd6f024c76e6b34b93bbc985efdfad27fc90441/printing/pdf_metafile_skia.cc

Adding Merge-Triage label for tracking purposes.

Once your fix had sufficient bake time (on canary, dev as appropriate), please nominate your fix for merge by adding the Merge-Request-XX label, where XX is the Chrome milestone.

When your merge is approved by the release manager, please start merging with higher milestone label first. Make sure to re-request merge for every milestone in the label list. You can get branch information on omahaproxy.appspot.com.

- Your friendly ClusterFuzz

Regressed in 398731, initially in 53.0.2763.0 so don't need in M52, or am I missing something nparker@?

sounds right to me.

yup, my mistake.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot