Stack-buffer-overflow in Hunspell::suggest
Issue description
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6720769892810752
Fuzzer: libfuzzer_hunspell_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Stack-buffer-overflow WRITE {*}
Crash Address: 0x7fecb5e69a70
Crash State:
  Hunspell::suggest
  _start
  Hunspell::suggest
Recommended Security Severity: High
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=414841:414879
Minimized Testcase (0.09 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96bOvQbTU1EcOoAu377ZA5ne-Emwb3I_AUB-TE0IwmHx2S80eeFU5B1umSiFjFwLgkURxNzR3WGjkvE2__5X10Rac3Mhcb8QMyCNEFW7gx8MrhiQtla-80No9s-u_1EH-IfTnCLrhGRHT7B4EfyXQGQWXjEQg?testcase_id=6720769892810752
Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Nov 9 2016
Nov 9 2016
Nov 9 2016
Nov 10 2016
Nov 14 2016
**** Bulk edit - please ignore if not applicable ****
A friendly reminder that the M55 Stable launch is coming soon! Your bug is labelled as Stable ReleaseBlock, please make sure to land the fix and get it merged into the release branch ASAP so it gets enough baking time in Beta (before Stable promotion). Thank you! Also, due to the Thanksgiving holidays in the US, please make sure the fix is ready and merged to M55 by 5:00 PM PT Friday, 11/18/16 at the latest (the sooner the better).
Nov 16 2016
Please see bug #641841, specifically comment 7 [1], on why this should be neither RBS nor P1. Short version:
* Very hard to trigger, requires complicated user interaction.
* hunspell is happening in render sandbox to address exactly these issues
* We will lose this fix when we roll DEPS. We can't roll DEPS, because upstream is bad
I would *recommend* removing RBS and bumping to P2. If security concerns outweigh my reasoning above, the only viable avenue is shutting down spellcheck on Windows/Linux/CrOS.
[1] https://bugs.chromium.org/p/chromium/issues/detail?id=641841#c7
Nov 16 2016
Thanks for the update. Moving to 56 and downgrading. What's the best way to report this upstream, so we do get a fix once they've got their act together?
Nov 16 2016
Since we're seriously out-of-date with respect to upstream, I suspect they'll ignore it, but https://github.com/hunspell/hunspell is the upstream repo if you want to try anyway. And we can't catch up with upstream because they still haven't fixed https://github.com/hunspell/hunspell/issues/402 and https://github.com/hunspell/hunspell/issues/403, which breaks hu-HU spelling (and our existing test coverage).
Dec 1 2016
reducing security as per #7.
Dec 14 2016
ClusterFuzz has detected this issue as fixed in range 438170:438219.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6720769892810752
Fuzzer: libfuzzer_hunspell_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Stack-buffer-overflow WRITE {*}
Crash Address: 0x7fecb5e69a70
Crash State:
  Hunspell::suggest
  _start
  Hunspell::suggest
Recommended Security Severity: High
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=414841:414879
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=438170:438219
Minimized Testcase (0.09 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96bOvQbTU1EcOoAu377ZA5ne-Emwb3I_AUB-TE0IwmHx2S80eeFU5B1umSiFjFwLgkURxNzR3WGjkvE2__5X10Rac3Mhcb8QMyCNEFW7gx8MrhiQtla-80No9s-u_1EH-IfTnCLrhGRHT7B4EfyXQGQWXjEQg?testcase_id=6720769892810752
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Dec 14 2016
ClusterFuzz testcase 6720769892810752 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Dec 14 2016
Mar 22 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Apr 27 2017
Comment 1 by rickyz@chromium.org, Nov 9 2016
Components: UI>Browser>Spellcheck
Owner: groby@chromium.org
Status: Assigned (was: Untriaged)