Predator and CL did not provide any possible suspects.
Using Code Search for the file, "cfx_fontmapper.cpp" assigning to the concern owner.

Suspecting Commit#
https://pdfium.googlesource.com/pdfium.git/+/92e2276a8be492fd2be8e44a5d62e8a5879644d8

@dsinclair -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

npm@ if you don't have time to look into this, please feel free to assign back to me.

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium/+/59178f5b6e64c6c30545f1fd1ee6974eaa1356fc

commit 59178f5b6e64c6c30545f1fd1ee6974eaa1356fc
Author: Ryan Harrison <rharrison@chromium.org>
Date: Wed Aug 16 19:51:51 2017

Fix another unguarded string element access

BUG= chromium:754969 

Change-Id: I4f92d301499c658c57393fde01f1252ea84e59a8
Reviewed-on: https://pdfium-review.googlesource.com/11250
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>

[modify] https://crrev.com/59178f5b6e64c6c30545f1fd1ee6974eaa1356fc/core/fxge/cfx_fontmapper.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8c98f0191f34fab9040751bbbb154545ba240a2d

commit 8c98f0191f34fab9040751bbbb154545ba240a2d
Author: pdfium-deps-roller@chromium.org <pdfium-deps-roller@chromium.org>
Date: Wed Aug 16 22:23:47 2017

Roll src/third_party/pdfium/ a169364e4..6551362bc (3 commits)

https://pdfium.googlesource.com/pdfium.git/+log/a169364e4695..6551362bc074

$ git log a169364e4..6551362bc --date=short --no-merges --format='%ad %ae %s'
2017-08-16 hnakashima Fixing crash on mouse movement in XFA form.
2017-08-16 rharrison Fix another unguarded string element access
2017-08-16 dsinclair Remove friendship from TxtEdtEngine and TxtEdtPage

Created with:
  roll-dep src/third_party/pdfium
BUG= 754969 


Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls


TBR=dsinclair@chromium.org

Change-Id: Idb26ce8b9dd87e9639dfa043ec4154a5f040da52
Reviewed-on: https://chromium-review.googlesource.com/617902
Reviewed-by: <pdfium-deps-roller@chromium.org>
Commit-Queue: <pdfium-deps-roller@chromium.org>
Cr-Commit-Position: refs/heads/master@{#494976}
[modify] https://crrev.com/8c98f0191f34fab9040751bbbb154545ba240a2d/DEPS

ClusterFuzz has detected this issue as fixed in range 494974:495051.

Detailed report: https://clusterfuzz.com/testcase?key=4613331439845376

Fuzzer: ifratric_pdf_generic
Job Type: linux_asan_pdfium
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000010
Crash State:
  CFX_FontMapper::FindSubstFont
  CFX_Font::LoadSubst
  CPDF_SimpleFont::LoadSubstFont
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_pdfium&range=493956:493966
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_pdfium&range=494974:495051

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4613331439845376

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4613331439845376 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.