Another crash in freetype which we do not ship to end users... Probably wontfix.

We're slowly moving toward normally building in a newer FreeType now that we can properly fuzz it (with the ability for Chromium consumers to build with their own if they want, somewhat like HarfBuzz). Until then, we're not really going to fix this in old FreeType (it's probably fixed upstream now, I've seen bugs like this get fixed).

ClusterFuzz has detected this issue as fixed in range 453894:453925.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4683864838766592

Fuzzer: attekett_dom_fuzzer
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 4
Crash Address: 0x603000e3afed
Crash State:
  ft_glyphslot_alloc_bitmap
  Load_SBit_Image
  tt_face_load_sbit_image
  
Sanitizer: address (ASAN)

Recommended Security Severity: Low

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=284658:284897
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=453894:453925

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96pjyy1C-VqFydoVbMa9VidKxtQto78NqU9eD56F4thE6RmmxtD5IxZ_znRadXPJiQYpCqf_jcAy_9OopOUl1WcfC7jkr5aWtdsgj8aTXBKOdPlV82M2t2XQaUMYyR4COdYR6I3MFc5pOGtJMfVOqDB7S6dz4FKBo-IBTk4huhkzsxdeKg?testcase_id=4683864838766592


Additional requirements: Requires Gestures

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot