Null-dereference READ in mov_read_sidx

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5656354420424704
Fuzzer: libFuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Null-dereference READ
Crash Address: 0x000000000028
Crash State:
  mov_read_sidx
  base::CreateThread
  base::internal::SchedulerWorker::Thread::Create
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=517948:517979
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5656354420424704

Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jan 16 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/422fe3c817a246ec2e44403972a8b961ab7ee8cc ([media] Refactor //media/mojo:unit_tests target.). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Feb 13 2018
Issue 808800 has been merged into this issue.
Feb 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/e881e753b0d47f3dd82484695dc24a321a948002

commit e881e753b0d47f3dd82484695dc24a321a948002
Author: Dan Sanders <sandersd@chromium.org>
Date: Tue Feb 13 22:45:39 2018

    Prevent NULL dereference in mov_read_sidx()

    When there are no segments in a sidx, mov_read_sidx() will try to dereference a NULL pointer. This patch adds an early return for empty sidx boxes.

    Change-Id: I99145a3a3372c2f3af3bea9cd2c32fb23487cb6f
    Bug: 802335
    Reviewed-on: https://chromium-review.googlesource.com/917229
    Reviewed-by: Dale Curtis <dalecurtis@chromium.org>

[modify] https://crrev.com/e881e753b0d47f3dd82484695dc24a321a948002/libavformat/mov.c
[modify] https://crrev.com/e881e753b0d47f3dd82484695dc24a321a948002/chromium/patches/README
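To make the failure mode in the commit above concrete, here is an added, self-contained illustration that is not ffmpeg's mov_read_sidx() and not the Chromium patch: a minimal parser for the payload of an ISO BMFF 'sidx' (segment index) box, laid out per ISO/IEC 14496-12 8.16.3, with the same kind of early return for a box whose reference_count is zero. The type and function names (SidxBox, SidxRef, parse_sidx, sidx_last_ref, sidx_total_duration) and both byte strings are my own constructions; the crashing shape is the version-0 box with no references, where a consumer that assumes at least one entry would read through a NULL table.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One entry of the sidx reference table (ISO/IEC 14496-12, 8.16.3). */
typedef struct {
    uint8_t  reference_type;      /* 1 = refers to another sidx, 0 = media */
    uint32_t referenced_size;
    uint32_t subsegment_duration;
    uint8_t  starts_with_sap;
    uint8_t  sap_type;
    uint32_t sap_delta_time;
} SidxRef;

typedef struct {
    uint32_t reference_id;
    uint32_t timescale;
    uint64_t earliest_pts;
    uint64_t first_offset;
    uint16_t reference_count;
    SidxRef *refs;                /* stays NULL for an empty sidx */
} SidxBox;

static uint16_t rb16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rb32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static uint64_t rb64(const uint8_t *p) { return ((uint64_t)rb32(p) << 32) | rb32(p + 4); }

/* Parses a sidx payload (the bytes after the box size/type header).
 * Returns the number of references, 0 for an empty sidx, -1 if truncated. */
int parse_sidx(const uint8_t *buf, size_t len, SidxBox *out)
{
    memset(out, 0, sizeof(*out));
    if (len < 12)
        return -1;
    uint8_t version = buf[0];                 /* byte 0 version, bytes 1-3 flags */
    size_t pos = 4;
    size_t wide = version ? 8 : 4;            /* v1 widens pts/offset to 64 bits */
    out->reference_id = rb32(buf + pos); pos += 4;
    out->timescale    = rb32(buf + pos); pos += 4;
    if (len < pos + 2 * wide + 4)
        return -1;
    if (version) {
        out->earliest_pts = rb64(buf + pos); pos += 8;
        out->first_offset = rb64(buf + pos); pos += 8;
    } else {
        out->earliest_pts = rb32(buf + pos); pos += 4;
        out->first_offset = rb32(buf + pos); pos += 4;
    }
    pos += 2;                                 /* reserved */
    out->reference_count = rb16(buf + pos); pos += 2;

    /* The guard: with no references there is nothing to index, so return
     * before any code below touches out->refs (which is still NULL). */
    if (out->reference_count == 0)
        return 0;

    if (len < pos + 12u * out->reference_count)
        return -1;
    out->refs = calloc(out->reference_count, sizeof(SidxRef));
    if (!out->refs)
        return -1;
    for (uint16_t i = 0; i < out->reference_count; i++) {
        uint32_t w = rb32(buf + pos);
        out->refs[i].reference_type      = (uint8_t)(w >> 31);
        out->refs[i].referenced_size     = w & 0x7fffffffu;
        out->refs[i].subsegment_duration = rb32(buf + pos + 4);
        uint32_t s = rb32(buf + pos + 8);
        out->refs[i].starts_with_sap = (uint8_t)(s >> 31);
        out->refs[i].sap_type        = (uint8_t)((s >> 28) & 7);
        out->refs[i].sap_delta_time  = s & 0x0fffffffu;
        pos += 12;
    }
    return out->reference_count;
}

/* A consumer that wants the last entry: without the NULL check this is the
 * shape that dereferences a NULL table when the sidx carried no entries. */
const SidxRef *sidx_last_ref(const SidxBox *s)
{
    if (!s->refs)
        return NULL;
    return &s->refs[s->reference_count - 1];
}

uint64_t sidx_total_duration(const SidxBox *s)
{
    uint64_t total = 0;
    for (uint16_t i = 0; s->refs && i < s->reference_count; i++)
        total += s->refs[i].subsegment_duration;
    return total;
}

void sidx_free(SidxBox *s) { free(s->refs); s->refs = NULL; s->reference_count = 0; }

/* Constructed inputs: a version-0 sidx with reference_count = 0 (the crashing
 * shape) and a version-1 sidx with two references. */
const uint8_t EMPTY_SIDX[] = {
    0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x01,  0x00, 0x00, 0x27, 0x10,
    0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,  0x00, 0x00,  0x00, 0x00 };
const uint8_t TWO_REF_SIDX[] = {
    0x01, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x01,  0x00, 0x00, 0x27, 0x10,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64,   /* earliest_pts = 100 */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,   /* first_offset = 0 */
    0x00, 0x00,  0x00, 0x02,                          /* reserved, count = 2 */
    0x00, 0x00, 0x10, 0x00,  0x00, 0x00, 0x03, 0xE8,  0x90, 0x00, 0x00, 0x00,
    0x80, 0x00, 0x20, 0x00,  0x00, 0x00, 0x07, 0xD0,  0x00, 0x00, 0x00, 0x00 };

int main(void)
{
    SidxBox b;
    int n = parse_sidx(EMPTY_SIDX, sizeof EMPTY_SIDX, &b);
    printf("empty sidx: %d refs, last=%p\n", n, (const void *)sidx_last_ref(&b));
    n = parse_sidx(TWO_REF_SIDX, sizeof TWO_REF_SIDX, &b);
    printf("two-ref sidx: %d refs, total duration %llu\n", n,
           (unsigned long long)sidx_total_duration(&b));
    sidx_free(&b);
    return 0;
}
```

The point of the construction is that the empty box is syntactically valid (every length check passes), so nothing before the reference_count read rejects it; only the explicit zero-count return keeps later code from indexing a table that was never allocated.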
Feb 14 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e19b85dee7f81bcce2c2af2ad1688c725ab85960

commit e19b85dee7f81bcce2c2af2ad1688c725ab85960
Author: Xiaohan Wang <xhwang@chromium.org>
Date: Wed Feb 14 23:37:39 2018

    Roll src/third_party/ffmpeg/ 58a80d155..9ed334093 (4 commits)

    https://chromium.googlesource.com/chromium/third_party/ffmpeg.git/+log/58a80d15568f..9ed334093692

    $ git log 58a80d155..9ed334093 --date=short --no-merges --format='%ad %ae %s'
    2018-02-13 sandersd Prevent NULL dereference in mov_seek_fragment()
    2018-02-13 xhwang ffmpeg: Fix integer overflow in decode_cabac_residual_internal()
    2018-02-13 xhwang ffmpeg: Fix stts_data memory allocation
    2018-02-13 sandersd Prevent NULL dereference in mov_read_sidx()

    Created with:
      roll-dep src/third_party/ffmpeg

    BUG=804070, 806580, 801821, 802335
    Change-Id: Iae66a2c0ac4443b8ef04fffa630a925308dfdd04
    Reviewed-on: https://chromium-review.googlesource.com/919863
    Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
    Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#536884}

[modify] https://crrev.com/e19b85dee7f81bcce2c2af2ad1688c725ab85960/DEPS
Feb 15 2018
ClusterFuzz has detected this issue as fixed in range 536860:536909.

Detailed report: https://clusterfuzz.com/testcase?key=5656354420424704
Fuzzer: libFuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Null-dereference READ
Crash Address: 0x000000000028
Crash State:
  mov_read_sidx
  base::CreateThread
  base::internal::SchedulerWorker::Thread::Create
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=517948:517979
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=536860:536909
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5656354420424704

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Feb 15 2018
ClusterFuzz testcase 5656354420424704 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Mar 13 2018
Dan, this patch isn't yet in upstream ffmpeg; it's still correctly tracked by our downstream patches README as of M67 roll bug 803898.
Comment 1 by ClusterFuzz, Jan 16 2018
Labels: Test-Predator-Auto-Components