This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Hi thestig@, could you take a look to see if this is related to your cl https://codereview.chromium.org/2456553002?  Thanks!

XFA only, not enabled in any branch of Chrome.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f595ad7b407516b53f00b1766a469f59b32c9204

commit f595ad7b407516b53f00b1766a469f59b32c9204
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Thu Jan 12 01:19:27 2017

Roll src/third_party/pdfium/ 96f482c9c..d805eec52 (2 commits).

https://pdfium.googlesource.com/pdfium.git/+log/96f482c9cd3c..d805eec52f6a

$ git log 96f482c9c..d805eec52 --date=short --no-merges --format='%ad %ae %s'
2017-01-11 tsepez Use observed pointers in CPDFSDK_AnnotIterator.
2017-01-11 npm Make tiff_read return actual length read

BUG= 679230 , 670928 

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2625253002
Cr-Commit-Position: refs/heads/master@{#443105}

[modify] https://crrev.com/f595ad7b407516b53f00b1766a469f59b32c9204/DEPS

ClusterFuzz has detected this issue as fixed in range 443057:443122.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5634457815220224

Fuzzer: libfuzzer_pdf_codec_tiff_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  tiff_seek
  TIFFReadRawTile1
  TIFFFillTile
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=427783:427885
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=443057:443122

Minimized Testcase (0.35 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94tXYXjbn157it4S-ugo_phEDyyNTvfsUShqrOpbdWt9gMXDBXwU-80yU5ayxMGrqG9Gfvwvf1IJ4ZhplZsFvBn5ltUCnV445tKr5GgrUSZqpAAzJWTMOd5qAlk0MCz0s5GqityFpuGMiw3g__q5sK9i3smrw?testcase_id=5634457815220224

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5634457815220224 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot