Direct-leak in MakeUnique<CPDF_AnnotContext,
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5282455372955648

Fuzzer: mbarbella_js_mutation_layout
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  MakeUnique<CPDF_AnnotContext,
  FPDFPage_GetAnnot
  chrome_pdf::PDFiumPage::GetPageFeatures

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_lsan_chrome_mp&range=518768:518771

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5282455372955648

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Feb 2 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/6c9aa01842b041e38243a51e09d446274c7b5297 (Count annotation subtypes that appear in PDF documents.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Feb 2 2018
I found this too while testing the fix for bug 807953. Did I mention LSAN and CF are awesome?
Feb 2 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/6ce76b8fd3be16a234db036c6dfab8652b0351d4

commit 6ce76b8fd3be16a234db036c6dfab8652b0351d4
Author: Nicolas Pena <npm@chromium.org>
Date: Fri Feb 02 19:54:54 2018

Close annotation after opening it

Bug: 808269
Change-Id: I75a4ea34839d17d9bce659023468b96b5c541323
Reviewed-on: https://chromium-review.googlesource.com/899909
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#534129}

[modify] https://crrev.com/6ce76b8fd3be16a234db036c6dfab8652b0351d4/pdf/pdfium/pdfium_page.cc
Feb 3 2018
ClusterFuzz has detected this issue as fixed in range 534128:534129.

Detailed report: https://clusterfuzz.com/testcase?key=5282455372955648

Fuzzer: mbarbella_js_mutation_layout
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  MakeUnique<CPDF_AnnotContext,
  FPDFPage_GetAnnot
  chrome_pdf::PDFiumPage::GetPageFeatures

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_lsan_chrome_mp&range=518768:518771
Fixed: https://clusterfuzz.com/revisions?job=linux_lsan_chrome_mp&range=534128:534129

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5282455372955648

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Feb 3 2018
ClusterFuzz testcase 5282455372955648 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Feb 5 2018
The following revision refers to this bug:
https://pdfium.googlesource.com/pdfium/+/a21d593e202cbef9a0641d0123917ac3b8d73ee6

commit a21d593e202cbef9a0641d0123917ac3b8d73ee6
Author: Lei Zhang <thestig@chromium.org>
Date: Mon Feb 05 18:28:38 2018

Add FPDFAnnotationDeleter for use with std::unique_ptr.

Use it in existing code where appropriate.

BUG=chromium:808269
Change-Id: I55b67db05267f4f05a98c9bf8bbd43f6524cbc65
Reviewed-on: https://pdfium-review.googlesource.com/25210
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>

[modify] https://crrev.com/a21d593e202cbef9a0641d0123917ac3b8d73ee6/fpdfsdk/fpdfannot_embeddertest.cpp
[modify] https://crrev.com/a21d593e202cbef9a0641d0123917ac3b8d73ee6/samples/pdfium_test.cc
[modify] https://crrev.com/a21d593e202cbef9a0641d0123917ac3b8d73ee6/fpdfsdk/fpdfedit_embeddertest.cpp
[modify] https://crrev.com/a21d593e202cbef9a0641d0123917ac3b8d73ee6/public/cpp/fpdf_deleters.h
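The leak in this bug is a handle from FPDFPage_GetAnnot that GetPageFeatures never returned to FPDFPage_CloseAnnot; the first fix added the close call, and this commit turns the close into a std::unique_ptr deleter so it cannot be skipped. The block below is an added illustration of that pattern, not code from Chromium or PDFium: the PDFium C API (FPDFPage_GetAnnot, FPDFPage_CloseAnnot, FPDFAnnot_GetSubtype) is replaced by a constructed stub that only counts open handles, and the subtype-counting loop is an assumed sketch of GetPageFeatures, shown in its leaky form beside the scoped one.

```cpp
#include <memory>
#include <vector>
// Constructed stub of PDFium's C annotation API (not PDFium's code): a handle
// from FPDFPage_GetAnnot stays open until FPDFPage_CloseAnnot closes it. A
// static pool is used so the leaky loop below leaks a count, not heap memory.
struct fpdf_annotation_t__ { int subtype; bool open; };
typedef fpdf_annotation_t__* FPDF_ANNOTATION;
static fpdf_annotation_t__ g_annot_pool[16];
static int g_open_annots = 0;  // handles opened but never closed
FPDF_ANNOTATION FPDFPage_GetAnnot(int /*page*/, int index) {
  if (index < 0 || index >= 16) return nullptr;  // no such annotation
  g_annot_pool[index] = {index % 3, true};
  ++g_open_annots;
  return &g_annot_pool[index];
}
void FPDFPage_CloseAnnot(FPDF_ANNOTATION annot) {
  if (annot && annot->open) { annot->open = false; --g_open_annots; }
}
int FPDFAnnot_GetSubtype(FPDF_ANNOTATION annot) { return annot->subtype; }

// Deleter shaped like PDFium's FPDFAnnotationDeleter: the close call runs in
// the destructor, so no exit path of the loop body (continue, return, throw)
// can skip it.
struct FPDFAnnotationDeleter {
  void operator()(FPDF_ANNOTATION annot) const { FPDFPage_CloseAnnot(annot); }
};
using ScopedFPDFAnnotation =
    std::unique_ptr<fpdf_annotation_t__, FPDFAnnotationDeleter>;

// Leaky pattern (assumed sketch of the pre-fix GetPageFeatures loop): each
// handle is read and then dropped without FPDFPage_CloseAnnot.
std::vector<int> CountSubtypesLeaky(int page, int annot_count) {
  std::vector<int> subtypes;
  for (int i = 0; i < annot_count; ++i) {
    FPDF_ANNOTATION annot = FPDFPage_GetAnnot(page, i);
    if (!annot) continue;
    subtypes.push_back(FPDFAnnot_GetSubtype(annot));  // never closed: leak
  }
  return subtypes;
}
// Fixed pattern: the unique_ptr closes the handle when it leaves scope.
std::vector<int> CountSubtypesScoped(int page, int annot_count) {
  std::vector<int> subtypes;
  for (int i = 0; i < annot_count; ++i) {
    ScopedFPDFAnnotation annot(FPDFPage_GetAnnot(page, i));
    if (!annot) continue;
    subtypes.push_back(FPDFAnnot_GetSubtype(annot.get()));
  }
  return subtypes;
}
int LiveAnnotHandles() { return g_open_annots; }  // > 0 means a leak
```

In the real tree the same shape is declared in public/cpp/fpdf_deleters.h against the real FPDF_ANNOTATION type, and LSAN reports the leaky form exactly as the crash state above shows.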
Feb 7 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/05e1f89eef2295c0db4bec845ff32b76f2df06a6

commit 05e1f89eef2295c0db4bec845ff32b76f2df06a6
Author: pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Wed Feb 07 18:13:38 2018

Roll src/third_party/pdfium/ 1ea9f3f92..b3a3eaab0 (27 commits)

https://pdfium.googlesource.com/pdfium.git/+log/1ea9f3f92f25..b3a3eaab0471

$ git log 1ea9f3f92..b3a3eaab0 --date=short --no-merges --format='%ad %ae %s'
2018-02-07 dsinclair Revert "[v8-platform] Store the platform in a unique_ptr"
2018-02-07 thestig More GetPageNumbers() clean up in fpdf_ppo.cpp.
2018-02-06 xlou Change MakeXObject to update reference from the root of the source page.
2018-02-06 rharrison Use temporary iterator to avoid potential OOB
2018-02-06 hnakashima Fix caret not appearing in XFA Edits.
2018-02-06 tsepez Avoid needless malloc for v8:Global array.
2018-02-06 tsepez Remove unused FreeObjectPrivate() overload.
2018-02-06 reed IWYU
2018-02-06 dsinclair Make the CXFA_Node parent pointer Unowned
2018-02-06 rharrison Break unneeded dep on Bmp codec in Gif codec
2018-02-06 rharrison Account for skip size before getting image ifh size
2018-02-06 rharrison Extract classes in fx_bmp.h into their own files
2018-02-06 rharrison Convert BMP class name style to match other codecs
2018-02-06 rharrison Move core/fxcodec/lbmp/ -> core/fxcodec/bmp/
2018-02-06 rharrison Changing the member naming style in BMPDecompressor
2018-02-06 thestig Fix an infinite recursion in pdfium_test.
2018-02-06 xlou Add rendering embeddertests for FPDF_ImportNPagesToOne.
2018-02-05 hnakashima Limit dest buffer to 1GB in FlateOrLZWDecode.
2018-02-05 dsinclair Fold CJS_EmbedObj classes into CJS_Object classes
2018-02-05 dsinclair Remove the CJS_EmbedObj template param from JSConstructor.
2018-02-05 thestig Make EmbedderTest class member style consistent.
2018-02-05 thestig Fix testing.cpp build with v8_use_external_startup_data=false.
2018-02-05 tsepez Use unique pointer in CFXJS_PerObjectData.
2018-02-05 thestig Fix some formcalc constant naming.
2018-02-05 ahaas [v8-platform] Store the platform in a unique_ptr
2018-02-05 thestig Add FPDFAnnotationDeleter for use with std::unique_ptr.
2018-02-05 dsinclair [XFA] dot_accessor may not provide a valid object.

Created with:
  roll-dep src/third_party/pdfium

BUG=648177, 808336, 808336, 808336, 808336, 808336, 808898, 808269

The AutoRoll server is located here: https://pdfium-roll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary.

TBR=dsinclair@chromium.org

Change-Id: I1ce04168b70e67d18145e08378a12f571727c4f9
Reviewed-on: https://chromium-review.googlesource.com/906916
Commit-Queue: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Reviewed-by: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#535062}

[modify] https://crrev.com/05e1f89eef2295c0db4bec845ff32b76f2df06a6/DEPS
Comment 1 by ClusterFuzz, Feb 2 2018. Labels: Test-Predator-Auto-Components