Use-of-uninitialized-value in gfx::internal::TextRunHarfBuzz::GetClusterAt
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4659846615138304

Fuzzer: svg_xml_tokenfuzz
Job Type: linux_msan_chrome
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  gfx::internal::TextRunHarfBuzz::GetClusterAt
  gfx::RenderTextHarfBuzz::DrawVisualText
  gfx::RenderText::Draw

Sanitizer: memory (MSAN)
Recommended Security Severity: Low
Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=465390:465399
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4659846615138304
Additional requirements: Requires Gestures

Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
May 24 2017
karandeepb@: Can you please take a look at this security bug? There is a narrow regression range but it doesn't contain any plausible candidates to have caused the regression. It looks like you are familiar with the code here, so are you able to investigate and/or assign to a better owner?
May 24 2017
Will take me some time to reproduce and investigate this. Let me know if this is high priority. Also, cc'ing msw@ in case he wants to take a look.
Jun 23 2017
ClusterFuzz testcase 4659846615138304 is flaky and no longer reproduces, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Sep 30 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by sheriffbot@chromium.org, May 23 2017