Crash in mov_read_trun
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5374190940323840
Fuzzer: libFuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: UNKNOWN WRITE
Crash Address: 0x060db79f3be8
Crash State:
  mov_read_trun
  mov_read_default
  mov_read_default
Sanitizer: undefined (UBSAN)
Recommended Security Severity: High
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=515364:515426
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5374190940323840

Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Comment 1 by ClusterFuzz, Jan 5 2018
Automatically adding ccs based on suspected regression changelists:

mov: fix decode of fragments that overlap in time by jstebbins@jetheaddev.com - https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/4a9d32baca3af0d1831f9556a922c7ab5b426b10

If this is incorrect, please apply the Test-Predator-Wrong-CLs label.
Labels: Test-Predator-Auto-Components

Jan 5 2018

Jan 5 2018
This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it. If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Jan 5 2018

Jan 9 2018
+some more people. Please follow up on this, thanks!

Jan 10 2018
sandersd@, are you looking into this issue?

Jan 10 2018
FFmpeg clusterfuzz issues are pending the M65 FFmpeg roll, since some of the issues are likely to have been fixed upstream. The roll is in progress and should be completed soon.

Jan 12 2018

Jan 12 2018
I am able to reproduce this prior to the M65 FFmpeg roll, but cannot after the roll. This issue is probably fixed upstream.

Jan 13 2018
This issue was fixed by upstream commit 2d015d3bf9fed59c65a3819a35fedbb8b7dde623, "lavf/mov: fix huge alloc in mov_read_ctts".

Jan 13 2018
ClusterFuzz has detected this issue as fixed in range 528999:529007.

Detailed report: https://clusterfuzz.com/testcase?key=5374190940323840
Fuzzer: libFuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: UNKNOWN WRITE
Crash Address: 0x060db79f3be8
Crash State:
  mov_read_trun
  mov_read_default
  mov_read_default
Sanitizer: undefined (UBSAN)
Recommended Security Severity: High
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=515364:515426
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=528999:529007
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5374190940323840

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Jan 13 2018
ClusterFuzz testcase 5374190940323840 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Jan 13 2018

Jan 16 2018
MR-64 for ffmpeg DEPS update to pull in commit in c#11

Jan 16 2018
This bug requires manual review: We are only 6 days from stable. Please contact the milestone owner if you have questions. Owners: cmasso@ (Android), cmasso@ (iOS), kbleicher@ (ChromeOS), abdulsyed@ (Desktop). For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Jan 16 2018
Approving the merge since this is a severe security regression. Added awhalley@ to take a look as well.

Jan 16 2018
Yep, would be great to take this - not looked into the size/coverage of the change, but if we get this merged today it'll still make the last 64 beta.

Jan 16 2018
The following revision refers to this bug: https://chrome-internal.googlesource.com/chrome/tools/buildspec/+/d3f81700982851914e334ba680bf4613263de293

commit d3f81700982851914e334ba680bf4613263de293
Author: Dale Curtis <dalecurtis@chromium.org>
Date: Tue Jan 16 21:26:26 2018

Jan 16 2018

Mar 27 2018

Mar 31 2018

Apr 21 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot