This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

The input is a single byte, and the repro tool can't repro.

The fuzzer is called libFuzzer_content_security_policy_fuzzer, but there's not thing related to CSP in the relevant range.

mbarbella, do you think you could help triage this bug? I don't know what to make of it...

There's an issue on the CF side that's likely causing this. It's being tracked in issue 726144.

ClusterFuzz has detected this issue as fixed in range 479223:479293.

Detailed report: https://clusterfuzz.com/testcase?key=6048587598528512

Fuzzer: libFuzzer_content_security_policy_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  libglib-2.0.so.0
  g_main_context_new
  g_main_context_default
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=477623:477664
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=479223:479293

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6048587598528512


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot