Stack-overflow in CFX_XMLAttributeNode::~CFX_XMLAttributeNode
Issue description
Detailed report: https://clusterfuzz.com/testcase?key=5247265529921536
Fuzzer: libFuzzer_pdf_xml_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7fff42ef4ff8
Crash State:
  CFX_XMLAttributeNode::~CFX_XMLAttributeNode
  CFX_XMLElement::~CFX_XMLElement
  CFX_XMLElement::~CFX_XMLElement
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=465929:466779
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5247265529921536
Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jan 6 2018
Automatically adding ccs based on suspected regression changelists:
Move fde XML parser to core by dsinclair@chromium.org - https://pdfium.googlesource.com/pdfium/+/0d86ecb08e1b2c204333b1f1f6b0b014e5b2971c
Cleanup the fx_extension code. by dsinclair@chromium.org - https://pdfium.googlesource.com/pdfium/+/cfb1944e245e20fe2ce0e94feebc06526db34fa1
If this is incorrect, please apply the Test-Predator-Wrong-CLs label.
Jan 17 2018
dsinclair@ Ping! Could you please let us know if there is any update on this issue? Thanks!
Jan 17 2018
This is an XFA issue and is not enabled on any branch of Chrome.
Jan 18 2018
This no longer reproduces for me @ HEAD. Given there is significant work going on with the related widget/node code, it is reasonable that this was fixed as part of another CL. I set a redo task on this to confirm it is fixed.
Apr 5 2018
I cannot reproduce this @ HEAD or on the original revision. The reports of this issue have dropped off in stats over the last week, so I am thinking the underlying issue has been resolved.
Apr 5 2018
ClusterFuzz has detected this issue as fixed in range 548153:548173.
Detailed report: https://clusterfuzz.com/testcase?key=5247265529921536
Fuzzer: libFuzzer_pdf_xml_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7fff42ef4ff8
Crash State:
  CFX_XMLAttributeNode::~CFX_XMLAttributeNode
  CFX_XMLElement::~CFX_XMLElement
  CFX_XMLElement::~CFX_XMLElement
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=465929:466779
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=548153:548173
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5247265529921536
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 5 2018
ClusterFuzz testcase 5247265529921536 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Jan 6 2018. Labels: Test-Predator-Auto-Components