Detailed report: https://clusterfuzz.com/testcase?key=5133068169117696 Fuzzer: noel-image-surku Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: Heap-buffer-overflow READ 16 Crash Address: 0xbbe22fdf Crash State: SkColorSpaceXform_XYZ< SkColorSpaceXform::apply blink::PNGImageDecoder::rowAvailable Sanitizer: address (ASAN) Recommended Security Severity: Medium Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=456626:457732 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95XVP5ULfmOtdPJE8cX1nhFfISo7KsKKFwFnnQVf1nsINcDXAP1JGZP1NeC6qvT_xlSGwwtJZ2wGyap-P5Dxs3CAlpzrG46zgM4XDbWgP65ZU2mkgwD4Bp_Fxs3XKPAuu38kzINQIc10GqSrKPrsAl71Ybiv2oi7t7ZrLUBu1preed1qrD11gJEh4TAIpYHLHBP4Fg9BQvSxmkewLjMj8sQefHvceyUDpzPRGqpF2BHCz71hIfg7gx57WBrH4k-xap9CW0dc7F49NogXQx3wDvXAezuGkQz6mlAgGgpls5otHxGO7QXhTZZNkUiytKnQladj8tTy0jmPnrPWnJSY3wa1epZ15UIqA6UEsb3T-lZYisC0Vy8mo1ATytQXC_MhbYbOoPEJ8sdo8HT0WUUwIRimM4XSA?testcase_id=5133068169117696 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
ClusterFuzz has detected this issue as fixed in range 458620:458737. Detailed report: https://clusterfuzz.com/testcase?key=5133068169117696 Fuzzer: noel-image-surku Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: Heap-buffer-overflow READ 16 Crash Address: 0xbbe22fdf Crash State: SkColorSpaceXform_XYZ< SkColorSpaceXform::apply blink::PNGImageDecoder::rowAvailable Sanitizer: address (ASAN) Recommended Security Severity: Medium Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=456626:457732 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=458620:458737 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95XVP5ULfmOtdPJE8cX1nhFfISo7KsKKFwFnnQVf1nsINcDXAP1JGZP1NeC6qvT_xlSGwwtJZ2wGyap-P5Dxs3CAlpzrG46zgM4XDbWgP65ZU2mkgwD4Bp_Fxs3XKPAuu38kzINQIc10GqSrKPrsAl71Ybiv2oi7t7ZrLUBu1preed1qrD11gJEh4TAIpYHLHBP4Fg9BQvSxmkewLjMj8sQefHvceyUDpzPRGqpF2BHCz71hIfg7gx57WBrH4k-xap9CW0dc7F49NogXQx3wDvXAezuGkQz6mlAgGgpls5otHxGO7QXhTZZNkUiytKnQladj8tTy0jmPnrPWnJSY3wa1epZ15UIqA6UEsb3T-lZYisC0Vy8mo1ATytQXC_MhbYbOoPEJ8sdo8HT0WUUwIRimM4XSA?testcase_id=5133068169117696 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by tsepez@chromium.org
, Mar 17 2017Status: Duplicate (was: Untriaged)