Looks like regression from
https://pdfium.googlesource.com/pdfium/+/e2df5b7305df66efbd81232d911615af60624ae3

Yeah, that is probably me,  I  will look into it.

GIF is XFA only, so changed the release/security impact

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium/+/d6a1595e0bd8f2d0677e2e59e9e0ac6678aaa0d1

commit d6a1595e0bd8f2d0677e2e59e9e0ac6678aaa0d1
Author: Ryan Harrison <rharrison@chromium.org>
Date: Wed Sep 27 16:10:07 2017

Add in missing ! to conditional

This was causing us to use the local palette values when they didn't
exist, instead of the global palette values.

BUG= chromium:769292 

Change-Id: I02d19cbcf0cf9e362e123fc7648d8f47991b8155
Reviewed-on: https://pdfium-review.googlesource.com/14910
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>

[modify] https://crrev.com/d6a1595e0bd8f2d0677e2e59e9e0ac6678aaa0d1/core/fxcodec/lgif/cgifcontext.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/cdd32d6b937b53a9be4582040b0c31ac38ae98fd

commit cdd32d6b937b53a9be4582040b0c31ac38ae98fd
Author: pdfium-deps-roller@chromium.org <pdfium-deps-roller@chromium.org>
Date: Wed Sep 27 19:28:04 2017

Roll src/third_party/pdfium/ c29c16f8c..8b1408e70 (6 commits)

https://pdfium.googlesource.com/pdfium.git/+log/c29c16f8cb98..8b1408e70532

$ git log c29c16f8c..8b1408e70 --date=short --no-merges --format='%ad %ae %s'
2017-09-27 rharrison Remove FXSYS_strlen and FXSYS_wcslen
2017-09-27 rharrison Replace FX_SAFE_STRSIZE with FX_SAFE_SIZE_T
2017-09-27 rharrison Remove FX_STRSIZE and replace with size_t
2017-09-26 rharrison Make names of GIF types less opaque
2017-09-27 rharrison Add in missing ! to conditional
2017-09-27 dsinclair Move static methods to anonymous namespace

Created with:
  roll-dep src/third_party/pdfium
BUG= 769292 


Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls


TBR=dsinclair@chromium.org

Change-Id: Iaae379bbcfe4991deac62bcbedc268c752e68011
Reviewed-on: https://chromium-review.googlesource.com/687816
Reviewed-by: <pdfium-deps-roller@chromium.org>
Commit-Queue: <pdfium-deps-roller@chromium.org>
Cr-Commit-Position: refs/heads/master@{#504750}
[modify] https://crrev.com/cdd32d6b937b53a9be4582040b0c31ac38ae98fd/DEPS

ClusterFuzz has detected this issue as fixed in range 504749:504787.

Detailed report: https://clusterfuzz.com/testcase?key=6197915814199296

Fuzzer: libFuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  CFX_LZWDecoder::Create
  CGifContext::LoadFrame
  CCodec_GifModule::LoadFrame
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=504488:504532
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=504749:504787

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6197915814199296

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 6197915814199296 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot