thestig: Another one for you. :)

If it's TIFF, then it's XFA, and we don't have XFA turned on, yet. Punting to ochang for triaging.

Punting to foxit. The CF report has a really old crashing revision (from before XFA got turned off on HEAD).

ClusterFuzz has detected this issue as fixed in range 398351:398496.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6467474099011584

Fuzzer: attekett_dom_fuzzer
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: Heap-buffer-overflow WRITE 9
Crash Address: 0x6020000088f4
Crash State:
  FPDFAPI_inflate
  PixarLogDecode
  TIFFReadEncodedTile
  
Recommended Security Severity: High

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=393856:393893
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=398351:398496

Minimized Testcase (3.86 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96FAOwQcJuvFrct2eUWkbXWaiCMAYXUo0XlpS9EBts0Se9SE89pzLKeQ-2zJrS2ULk5aKLaYbPEcOoVShPMmyrFOtGl9HUUPMcStDP3eZ5eI_ImZflt-E03KtBl1v_6WIgSVBbm_fHI9p50Q8X9FypQEnX5aw?testcase_id=6467474099011584

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

removing reward-topanel for Security_Impact-None bugs

Looks like an XFA issue, we should verify if it's fixed or not.

Confirmed fixed on HEAD

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot