Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/e2e9d0b71ded5408aaa0b469791fc1df4fcf1648 (Signed Exchange: Switch to b1 envelope format).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it.

If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/44a9e657e0b629ac3518d2887c1aed9870c808e9

commit 44a9e657e0b629ac3518d2887c1aed9870c808e9
Author: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Tue Jun 05 10:04:26 2018

Fix signed_exchange_envelope_fuzzer

It was using wrong constant to check input length.

Bug:  849144 , 848779 
Change-Id: I0408e9147922fcc3d94388709e455d9393165426
Reviewed-on: https://chromium-review.googlesource.com/1086427
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#564428}
[modify] https://crrev.com/44a9e657e0b629ac3518d2887c1aed9870c808e9/content/test/fuzzer/signed_exchange_envelope_fuzzer.cc

ClusterFuzz has detected this issue as fixed in range 564425:564434.

Detailed report: https://clusterfuzz.com/testcase?key=4976069590122496

Fuzzer: libFuzzer_signed_exchange_envelope_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  content::SignedExchangePrologue::Parse
  signed_exchange_envelope_fuzzer.cc
  _asn1_delete_list
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=563575:563581
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=564425:564434

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4976069590122496

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4976069590122496 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

 Issue 850270  has been merged into this issue.

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot