
Issue 653044


Issue metadata

Status: Fixed
Owner:
Closed: Oct 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Regression




Undefined-shift in CJBig2_HuffmanTable::ParseFromCodedBuffer

Project Member Reported by ClusterFuzz, Oct 5 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5225288063778816

Fuzzer: libfuzzer_pdf_codec_jbig2_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address: 
Crash State:
  CJBig2_HuffmanTable::ParseFromCodedBuffer
  CJBig2_HuffmanTable::CJBig2_HuffmanTable
  parseTable
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=421422:421461

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv947yJ_EUt7OprRSnLlAD8gVQGR8G0pkVtdoi07FBaQpQcmXyLETOIMoAIqPh5mnQTHIqtd5iS5TTu1ICzYxQnsAmoQT5TLwnAShxNUgjXGn9Pqon9c4uGruB4GJ8SWqcNMmP_sMl8V9kJxxjilDnTuy0GuHug?testcase_id=5225288063778816

Issue manually filed by: ranjitkan

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: ranjitkan@chromium.org
Components: Tools>Test>FindIt>CorrectResult
Labels: -Pri-1 -Type-Bug Findit-for-crash M-55 Te-Logged Pri-2 Type-Bug-Regression
Owner: dsinclair@chromium.org
Status: Assigned (was: Untriaged)
Author: Dan Sinclair
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/764ec513eecbebd12781bcc96ce81ed5e736ee92
Time: Mon Mar 14 13:35:12 2016 -0400
The CL last changed:
  line 71 of file JBig2_HuffmanTable.cpp, which is stack frame 0.
  line 26 of file JBig2_HuffmanTable.cpp, which is stack frame 1.
  line 1234 of file JBig2_Context.cpp, which is stack frame 2.
  line 411 of file JBig2_Context.cpp, which is stack frame 3.
  line 330 of file JBig2_Context.cpp, which is stack frame 4.
  line 86 of file JBig2_Context.cpp, which is stack frame 5.
  line 118 of file JBig2_Context.cpp, which is stack frame 6.

@dsinclair: Assigning to you; please take a look. Please help us reassign it if it is not related to your changes.

Thanks!
Cc: kcwu@chromium.org

Comment 3 by kcwu@chromium.org, Oct 5 2016

I can help this one if you'd like.
Cc: -kcwu@chromium.org dsinclair@chromium.org
Owner: kcwu@chromium.org
Awesome, thank you.

Comment 6 by bugdroid1@chromium.org, Oct 6 2016

Comment 7 by kcwu@chromium.org, Oct 6 2016

Status: Fixed (was: Assigned)

Comment 8 by bugdroid1@chromium.org, Oct 6 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/489d17d95a8b35a239cd2b63d38c24a7a3dfc92c

commit 489d17d95a8b35a239cd2b63d38c24a7a3dfc92c
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Thu Oct 06 21:18:19 2016

Roll src/third_party/pdfium/ ca03f7a1c..3a0a808ff (4 commits).

https://pdfium.googlesource.com/pdfium.git/+log/ca03f7a1c654..3a0a808ff546

$ git log ca03f7a1c..3a0a808ff --date=short --no-merges --format='%ad %ae %s'
2016-10-06 kcwu Fix assertion failure when decoding malform G4 fax image
2016-10-06 kcwu Reject JBig2 Huffman table with too large shift value
2016-10-06 npm Split m_InstalledTTFonts into two vectors to avoid sketchy logic.
2016-10-06 caryclark switch to new skia blend mode enum class

BUG= 653044 

TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2395263002
Cr-Commit-Position: refs/heads/master@{#423683}

[modify] https://crrev.com/489d17d95a8b35a239cd2b63d38c24a7a3dfc92c/DEPS
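The crash state in the report (an undefined shift inside CJBig2_HuffmanTable::ParseFromCodedBuffer) and the fix rolled in above ("Reject JBig2 Huffman table with too large shift value") describe one bug class: a shift count read straight from the file. The following is an added example, not pdfium's code and not from anyone on this bug. It parses the line definitions of a JBIG2 custom Huffman table as laid out in ITU-T T.88 Annex B.2 (flags byte with HTOOB/HTPS/HTRS, HTLOW, HTHIGH, then PREFLEN/RANGELEN pairs), and it assumes the offending shift is the per-line range computation `1 << RANGELEN`, which is consistent with the fix's title but is this example's own reading. The type and function names are the example's own.

```cpp
// Added example (not pdfium's code): parse the line definitions of a JBIG2
// custom Huffman table (ITU-T T.88, B.2) from an untrusted buffer, rejecting
// a RANGELEN that would make "1 << RANGELEN" undefined behaviour.
#include <cstddef>
#include <cstdint>
#include <vector>

// MSB-first bit reader; every read is bounds-checked against the buffer.
class BitReader {
 public:
  BitReader(const uint8_t* data, size_t size) : data_(data), size_(size) {}

  // Reads |nbits| (0..32) into |*out|; returns false if the buffer runs out.
  bool Read(unsigned nbits, uint32_t* out) {
    if (nbits > 32 || nbits > size_ * 8 - bitpos_) return false;
    uint32_t v = 0;
    for (unsigned i = 0; i < nbits; ++i, ++bitpos_) {
      uint8_t byte = data_[bitpos_ / 8];
      v = (v << 1) | ((byte >> (7 - bitpos_ % 8)) & 1u);
    }
    *out = v;
    return true;
  }

 private:
  const uint8_t* data_;
  size_t size_;
  size_t bitpos_ = 0;
};

struct HuffmanLine {
  uint32_t preflen;  // prefix code length in bits
  uint32_t rangelen; // number of value bits following the prefix
  int64_t rangelow;  // lowest value of the range (int64 so HTLOW-1 cannot wrap)
  bool oob;          // true for the out-of-band line (no value bits)
};

enum class ParseStatus { kOk, kTruncated, kRangeLenTooLarge };

// Reads a big-endian signed 32-bit field (HTLOW / HTHIGH).
static bool ReadInt32(BitReader* br, int32_t* out) {
  uint32_t raw;
  if (!br->Read(32, &raw)) return false;
  *out = static_cast<int32_t>(raw);
  return true;
}

ParseStatus ParseCustomHuffmanTable(const std::vector<uint8_t>& buf,
                                    std::vector<HuffmanLine>* lines) {
  BitReader br(buf.data(), buf.size());
  uint32_t flags;
  if (!br.Read(8, &flags)) return ParseStatus::kTruncated;
  const bool htoob = flags & 1u;                  // table carries an OOB symbol
  const unsigned htps = ((flags >> 1) & 7u) + 1;  // PREFLEN field width, 1..8
  const unsigned htrs = ((flags >> 4) & 7u) + 1;  // RANGELEN field width, 1..8
  int32_t htlow, hthigh;
  if (!ReadInt32(&br, &htlow) || !ReadInt32(&br, &hthigh))
    return ParseStatus::kTruncated;

  lines->clear();
  int64_t cur = htlow;  // CURRANGELOW in the spec's terms
  while (cur < hthigh) {
    uint32_t preflen, rangelen;
    if (!br.Read(htps, &preflen) || !br.Read(htrs, &rangelen))
      return ParseStatus::kTruncated;
    // RANGELEN is up to 8 bits wide, so the file can encode values up to 255.
    // The unguarded pattern "CURRANGELOW += 1 << RANGELEN" is undefined for
    // RANGELEN >= 32 (the kind of shift UBSan flags); a range wider than the
    // 32-bit value space is meaningless anyway, so reject the table.
    if (rangelen >= 32) return ParseStatus::kRangeLenTooLarge;
    lines->push_back({preflen, rangelen, cur, false});
    cur += int64_t{1} << rangelen;  // 64-bit: cannot overflow for rangelen < 32
  }
  // Lower range line: values below HTLOW, always 32 value bits.
  uint32_t preflen;
  if (!br.Read(htps, &preflen)) return ParseStatus::kTruncated;
  lines->push_back({preflen, 32, int64_t{htlow} - 1, false});
  // Upper range line: values from HTHIGH upward, always 32 value bits.
  if (!br.Read(htps, &preflen)) return ParseStatus::kTruncated;
  lines->push_back({preflen, 32, hthigh, false});
  // Optional out-of-band line: a prefix only.
  if (htoob) {
    if (!br.Read(htps, &preflen)) return ParseStatus::kTruncated;
    lines->push_back({preflen, 0, 0, true});
  }
  return ParseStatus::kOk;
}
```

The two things the check needs are both visible here: the shift count must be validated before it is used, not after, and the accumulator is widened to 64 bits so that even a legal RANGELEN of 31 cannot overflow a signed 32-bit CURRANGELOW. A table whose loop never terminates is not a concern because every iteration consumes at least two bits from a bounded buffer, so the reader eventually reports kTruncated.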


Comment 9 by ClusterFuzz, Oct 7 2016

ClusterFuzz has detected this issue as fixed in range 423677:423751.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5225288063778816

Fuzzer: libfuzzer_pdf_codec_jbig2_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address: 
Crash State:
  CJBig2_HuffmanTable::ParseFromCodedBuffer
  CJBig2_HuffmanTable::CJBig2_HuffmanTable
  parseTable
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=421422:421461
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=423677:423751

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv947yJ_EUt7OprRSnLlAD8gVQGR8G0pkVtdoi07FBaQpQcmXyLETOIMoAIqPh5mnQTHIqtd5iS5TTu1ICzYxQnsAmoQT5TLwnAShxNUgjXGn9Pqon9c4uGruB4GJ8SWqcNMmP_sMl8V9kJxxjilDnTuy0GuHug?testcase_id=5225288063778816

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 10 by bugdroid1@chromium.org, Oct 27 2016

Labels: merge-merged-2840
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/489d17d95a8b35a239cd2b63d38c24a7a3dfc92c


Comment 11 by dimu@google.com, Nov 4 2016

Labels: -merge-merged-2840
[Automated comment] removing mislabelled merge-merged-2840

Comment 12 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
