The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d923a360be7df84df6e29163991a91740c51ea1f

commit d923a360be7df84df6e29163991a91740c51ea1f
Author: Vaclav Brozek <vabr@chromium.org>
Date: Thu Nov 09 14:39:02 2017

PasswordCSVReader should reject non-ASCII URLs

URLs have a defined way to encode non-ASCII characters. The
PasswordCSVReader should reject non-ASCII URL values.

This was discovered by a fuzzer which will be uploaded in a separate
CL after this one.

Bug:  783111 
Change-Id: I5e6c640205ec45fd0764591e850363ece98a6a86
Reviewed-on: https://chromium-review.googlesource.com/758414
Reviewed-by: Christos Froussios <cfroussios@chromium.org>
Commit-Queue: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515168}
[modify] https://crrev.com/d923a360be7df84df6e29163991a91740c51ea1f/components/password_manager/core/browser/import/password_csv_reader.cc
[modify] https://crrev.com/d923a360be7df84df6e29163991a91740c51ea1f/components/password_manager/core/browser/import/password_csv_reader_unittest.cc

https://chromium-review.googlesource.com/c/chromium/src/+/758773 is the fuzzer, currently in review.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502

commit 4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502
Author: Vaclav Brozek <vabr@chromium.org>
Date: Fri Nov 10 08:51:57 2017

Add a fuzzer for CSV reader

This adds a straightforward fuzzer for
components/password_manager/core/browser/import/password_csv_reader.*
and also some seeed corpus and dictionary.

Bug:  783111 
Change-Id: Ic5193d4baa1c730db185059997c1a9fad1b2eef5
Reviewed-on: https://chromium-review.googlesource.com/758773
Reviewed-by: Christos Froussios <cfroussios@chromium.org>
Commit-Queue: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515511}
[modify] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/BUILD.gn
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_corpus/chrome_passwords.csv
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_corpus/many_lines.csv
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_corpus/non_ascii_url.csv
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_corpus/sequences.csv
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_fuzzer.cc
[add] https://crrev.com/4dcd2a618a0b2d8ccbf9b42e24d8a298f71dc502/components/password_manager/core/browser/import/password_csv_reader_fuzzer.dict

The fuzzer landed in r515511. It just runs the converter on the fuzzer-provided input string. If we realise we need to directly control other parameters (number of rows?) we might build up on this later.