Heap-buffer-overflow in autofill::PagePasswordsAnalyser::AnalyseDocumentDOM
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6296666064551936

Fuzzer: inferno_webbot
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x6120008a633f
Crash State:
  autofill::PagePasswordsAnalyser::AnalyseDocumentDOM
  autofill::PagePasswordsAnalyser::AnalyseDocumentDOM
  autofill::PasswordAutofillAgent::SendPasswordForms

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=506407:506494

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6296666064551936

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Jan 25 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/c7b3b2bac5c0f28d7202a1727b7cbbd2f2c0d34d (Display username autocomplete warnings only with explicit passwords). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Jan 30 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/088743f463ba5016acca31192cf93c6b7bbdb913

commit 088743f463ba5016acca31192cf93c6b7bbdb913
Author: Vadym Doroshenko <dvadym@chromium.org>
Date: Tue Jan 30 14:58:50 2018

Password page analyzer fix.

This CL fixes typo password_inputs->explicit_password_inputs. Which in some rare situations leads to crash.

Bug: 805892
Change-Id: Ibe76806154e7172a4d433d51ec92fb20ba0d900c
Reviewed-on: https://chromium-review.googlesource.com/893298
Reviewed-by: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Vadym Doroshenko <dvadym@chromium.org>
Cr-Commit-Position: refs/heads/master@{#532870}

[modify] https://crrev.com/088743f463ba5016acca31192cf93c6b7bbdb913/chrome/renderer/autofill/page_passwords_analyser_browsertest.cc
[modify] https://crrev.com/088743f463ba5016acca31192cf93c6b7bbdb913/components/autofill/content/renderer/page_passwords_analyser.cc
Jan 31 2018
ClusterFuzz has detected this issue as fixed in range 532850:532897.

Detailed report: https://clusterfuzz.com/testcase?key=6296666064551936

Fuzzer: inferno_webbot
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x6120008a633f
Crash State:
  autofill::PagePasswordsAnalyser::AnalyseDocumentDOM
  autofill::PagePasswordsAnalyser::AnalyseDocumentDOM
  autofill::PasswordAutofillAgent::SendPasswordForms

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=506407:506494
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=532850:532897

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6296666064551936

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 31 2018
ClusterFuzz testcase 6296666064551936 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Feb 2 2018
Your change meets the bar and is auto-approved for M65. Please go ahead and merge the CL to branch 3325 manually. Please contact milestone owner if you have questions. Owners: cmasso@(Android), cmasso@(iOS), bhthompson@(ChromeOS), govind@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Feb 2 2018
Pls merge your change to M65 branch 3325 ASAP so we can pick it up for next M65 dev release. Thank you.
Feb 4 2018
Pls merge your change to M65 branch 3325 before 2:00 PM PT tomorrow, Monday (02/25/18) so we can pick it up for last dev release on Tuesday. Thank you.
Feb 5 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/3ac4a1ab98cc92258e9202be637c2e053c98fed9

commit 3ac4a1ab98cc92258e9202be637c2e053c98fed9
Author: Vadym Doroshenko <dvadym@chromium.org>
Date: Mon Feb 05 10:59:39 2018

[Merge to M-65] Password page analyzer fix.

This CL fixes typo password_inputs->explicit_password_inputs. Which in some rare situations leads to crash.

TBR=dvadym@chromium.org

(cherry picked from commit 088743f463ba5016acca31192cf93c6b7bbdb913)

Bug: 805892
Change-Id: Ibe76806154e7172a4d433d51ec92fb20ba0d900c
Reviewed-on: https://chromium-review.googlesource.com/893298
Reviewed-by: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Vadym Doroshenko <dvadym@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#532870}
Reviewed-on: https://chromium-review.googlesource.com/901463
Reviewed-by: Vadym Doroshenko <dvadym@chromium.org>
Cr-Commit-Position: refs/branch-heads/3325@{#295}
Cr-Branched-From: bc084a8b5afa3744a74927344e304c02ae54189f-refs/heads/master@{#530369}

[modify] https://crrev.com/3ac4a1ab98cc92258e9202be637c2e053c98fed9/chrome/renderer/autofill/page_passwords_analyser_browsertest.cc
[modify] https://crrev.com/3ac4a1ab98cc92258e9202be637c2e053c98fed9/components/autofill/content/renderer/page_passwords_analyser.cc
May 14 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by ClusterFuzz, Jan 25 2018
Labels: Test-Predator-Auto-Components