Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/def6084e9b4a72781bbf47b7eb819084af96c5d2 (Implement Origin Trial for signature-based SRI.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

The DCHECK checks that noone tries to parse two integrity arguments, because that wouldn't make sense.

It turns out that HTMLPreloadScanner was written to be simple & fast, and doesn't bother to check for duplicate attributes, and hence runs into this (with the "right" malformed input). I'll probably fix this by having a separate API entry point for the preload scanner.

Also, downgrading the bug, because it's technically harmless.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ff1c866d26f0cfca5898b8f49e1f44474b816d2b

commit ff1c866d26f0cfca5898b8f49e1f44474b816d2b
Author: Daniel Vogelheim <vogelheim@chromium.org>
Date: Tue Mar 13 20:08:03 2018

Tolerate multiple ParseIntegrityAttribute calls for HTMLPreloadScanner.

HTMLPreloadScanner is written to be simple and fast.
SubresourceIntegrity::ParseIntegrtiyAttribute assumes that the caller does
error checking, and won't call it twice for the same element. Reconcile the
two by adding a relaxed version, TryParseIntegrityAttribute.

Bug:  818385 
Change-Id: I722fb80c283249941e8db14a8efc9af392bc1cbc
Reviewed-on: https://chromium-review.googlesource.com/948848
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Yoav Weiss <yoav@yoav.ws>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#542891}
[modify] https://crrev.com/ff1c866d26f0cfca5898b8f49e1f44474b816d2b/third_party/WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp
[modify] https://crrev.com/ff1c866d26f0cfca5898b8f49e1f44474b816d2b/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
[modify] https://crrev.com/ff1c866d26f0cfca5898b8f49e1f44474b816d2b/third_party/WebKit/Source/core/html/parser/PreloadRequest.h

ClusterFuzz has detected this issue as fixed in range 542888:542891.

Detailed report: https://clusterfuzz.com/testcase?key=4748691886571520

Fuzzer: libFuzzer_html_preload_scanner_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  metadata_set.IsEmpty() in SubresourceIntegrity.cpp
  void blink::TokenPreloadScanner::StartTagScanner::ProcessScriptAttribute<WTF::At
  void blink::TokenPreloadScanner::StartTagScanner::ProcessAttribute<WTF::AtomicSt
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=540517:540525
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=542888:542891

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4748691886571520

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4748691886571520 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.