CHECK failure: identity_.invalid || credentials.Empty() in http_auth_controller.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6429420062769152

Fuzzer: libFuzzer_net_http_proxy_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  identity_.invalid || credentials.Empty() in http_auth_controller.cc
  net::HttpAuthController::ResetAuth
  http_proxy_client_socket_fuzzer.cc

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=433648:433747

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6429420062769152

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Nov 22 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/a7da0714bb1e387b30298047a9fa81c0ed2a2d13 (Add a URLRequest FTP fuzzer.). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Nov 22 2017
So what seems to be happening is this:

We get an auth digest challenge. ProxyClientSocket::HandleProxyAuthChallenge calls HttpAuthController::HandleAuthChallenge, which finds no credentials and returns OK. HandleProxyAuthChallenge then returns ERR_PROXY_AUTH_REQUESTED.

The test fixture sends some credentials.

We get another auth digest challenge. ProxyClientSocket::HandleProxyAuthChallenge calls HttpAuthController::HandleAuthChallenge, which tries to invalidate credentials. But then when it tries to get the credentials from the cache, it gets the stale credentials that were just rejected (?) and returns OK to the ProxyClientSocket, which then returns ERR_PROXY_AUTH_REQUESTED.

The test fixture then provides more credentials, and we DCHECK, since we already have credentials.

I believe the test fixture should be calling HaveAuth() on the HttpAuthController - the ProxyClientSocket docs don't indicate this should be done, so I'll add some docs along with the check. I'm not sure if reusing the credentials is a bug or not - you could imagine the request timing out when the user entered credentials, so wanting to retry credentials, though that's not what is happening in the test.

I'm also a bit surprised that it took the fuzzer so long to find this case.
Nov 24 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/65a7eb59eb3746e3b77011ec738ee21839ce4c3d

commit 65a7eb59eb3746e3b77011ec738ee21839ce4c3d
Author: Matt Menke <mmenke@chromium.org>
Date: Fri Nov 24 22:57:41 2017

Fix bug in http_proxy_client_socket_fuzzer.

It was giving the HttpAuthController new credentials, even when they weren't needed, which causes a DCHECK. Also update ProxyClientSocket API docs to make it clear that credentials cannot be provided in this case.

Bug: 787782
Change-Id: I702bf13723e75776ee31c67656ea126f3564941c
Reviewed-on: https://chromium-review.googlesource.com/786296
Commit-Queue: Matt Menke <mmenke@chromium.org>
Reviewed-by: Asanka Herath <asanka@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519165}

[modify] https://crrev.com/65a7eb59eb3746e3b77011ec738ee21839ce4c3d/net/http/http_proxy_client_socket_fuzzer.cc
[modify] https://crrev.com/65a7eb59eb3746e3b77011ec738ee21839ce4c3d/net/http/proxy_client_socket.h
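A toy C++ model of the sequence analysed in this thread, added here as an illustration and not taken from Chromium or from the fix. `ModelAuthController`, `RunFixture` and the assumption that supplied credentials end up in the cache are constructed; only the method names and the CHECK condition come from the thread.

```cpp
#include <string>

// Simplified model of the state described in this thread. Not Chromium code.
struct Credentials {
  std::string user, pass;
  bool Empty() const { return user.empty() && pass.empty(); }
};

class ModelAuthController {
 public:
  // A challenge rejects the current identity, then the cache is consulted.
  // A cache hit, even a stale one, leaves a usable identity behind.
  void HandleAuthChallenge() {
    invalid_ = true;
    if (cached_) {
      identity_ = cache_;
      invalid_ = false;
    }
  }
  bool HaveAuth() const { return !invalid_; }
  // Returns false where the real code hits
  // CHECK(identity_.invalid || credentials.Empty()).
  bool ResetAuth(const Credentials& c) {
    if (!(invalid_ || c.Empty())) return false;
    if (!c.Empty()) {
      identity_ = c;
      cache_ = c;  // assumption: supplied credentials get cached
      cached_ = true;
      invalid_ = false;
    }
    return true;
  }

 private:
  Credentials identity_, cache_;
  bool invalid_ = true, cached_ = false;
};

// Hypothetical fixture: answers each ERR_PROXY_AUTH_REQUESTED with fresh
// credentials. With check_have_auth it asks HaveAuth() first, as the thread
// proposes. Returns false if the ResetAuth precondition was violated.
bool RunFixture(int challenges, bool check_have_auth) {
  ModelAuthController auth;
  for (int i = 0; i < challenges; ++i) {
    auth.HandleAuthChallenge();
    if (check_have_auth && auth.HaveAuth()) continue;  // restart as-is
    if (!auth.ResetAuth({"user", "pass" + std::to_string(i)})) return false;
  }
  return true;
}

int main() { return RunFixture(2, true) && !RunFixture(2, false) ? 0 : 1; }
```

In the model a single challenge never trips the precondition; it takes a second challenge after credentials were supplied, which is the sequence the analysis describes.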
Nov 25 2017
ClusterFuzz has detected this issue as fixed in range 519163:519167.

Detailed report: https://clusterfuzz.com/testcase?key=6429420062769152

Fuzzer: libFuzzer_net_http_proxy_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  identity_.invalid || credentials.Empty() in http_auth_controller.cc
  net::HttpAuthController::ResetAuth
  http_proxy_client_socket_fuzzer.cc

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=433648:433747
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=519163:519167

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6429420062769152

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 25 2017
ClusterFuzz testcase 6429420062769152 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Nov 22 2017
Labels: Test-Predator-Auto-Components