Suspected CLs
=============
The result is a list of CLs that change the crashed files.

Author: thestig
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/7b214237e2be6a0d962987d222c73161620c0a27
Time: Thu May 19 06:17:50 2016 -0700
Lines 351 of file fpdf_render_text.cpp which potentially caused crash are changed in this cl (frame #4, "CPDF_RenderStatus::ProcessText").
Minimum distance from crash line to modified line: 0. (file: fpdf_render_text.cpp, crashed on: 351, modified: 351).

===========================
Suspected Project: chromium-pdfium

This is impacting to Beta (53.0.2785.80).

Suspect : https://pdfium.googlesource.com/pdfium.git/+/7b214237e2be6a0d962987d222c73161620c0a27
thestig@ : Would you mind taking a look into this if its related to your change.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2c5e4dadecb9b2dc01828b7ad88da1144efe44f7

commit 2c5e4dadecb9b2dc01828b7ad88da1144efe44f7
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Wed Aug 31 21:51:16 2016

Roll src/third_party/pdfium/ fc9b11358..21b111fcf (2 commits).

https://pdfium.googlesource.com/pdfium.git/+log/fc9b11358a47..21b111fcf71e

$ git log fc9b11358..21b111fcf --date=short --no-merges --format='%ad %ae %s'
2016-08-31 thestig Attempt to fix potential integer overflow in CFX_FaceCache::LoadGlyphPath().
2016-08-31 dsinclair Use CheckedNumeric for strength calculation.

BUG= 641333 , 639506 

TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2300793002
Cr-Commit-Position: refs/heads/master@{#415766}

[modify] https://crrev.com/2c5e4dadecb9b2dc01828b7ad88da1144efe44f7/DEPS

ClusterFuzz has detected this issue as fixed in range 415740:415887.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4646043184791552

Fuzzer: tokenfuzz_pdf_march16
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  CFX_FaceCache::LoadGlyphPath
  CFX_RenderDevice::DrawTextPath
  CFX_RenderDevice::DrawNormalText
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=394980:395008
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=415740:415887

Minimized Testcase (88.32 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96hFOREIG50oUI9FWkSF1EJVlWPYD_ht500DCOmgERFOX39cmYHyxdh3Ed15Iec712o0Ld3lEyA0B9QGX6Rry7bqulpTbrIngtzMuGAK9GuVJiBSIbLalnQDqJ5GtdIG8DdhmrKiDeyy5nu10pfZRyzAE4cxFJqzkOvnjm3SEji9K0y5_c?testcase_id=4646043184791552

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot