Integer-overflow in blink::IntPoint::move |
||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5734123190878208 Fuzzer: inferno_twister Job Type: linux_ubsan_chrome Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: blink::IntPoint::move move blink::PaintLayerScrollableArea::resizerCornerRect Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027 Minimized Testcase (0.38 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97ge34VJmzda3p9yusuMJLKkaK8CZ0Y_vriIFUUMIyUCqGcQkh2ph8DbABu-MUEoCk2GrjukXqC4kC6mkA7_T2rwFJTACT6_QpdHkwmTrzCen2BnKKhkRekg41Uuby271RAcKoNSds_kUHXrgnzmrss0ceELw?testcase_id=5734123190878208 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Nov 28 2016
Test case contains overflowing int so this falls in the class of issues we don't care about, see issue 634803
,
Jan 5 2017
|
||||
►
Sign in to add a comment |
||||
Comment 1 by mummare...@chromium.org
, Nov 11 2016Labels: Test-Predator-Wrong M-55
Owner: bokan@chromium.org
Status: Assigned (was: Untriaged)