Issue 850354

Issue metadata

Status: Verified
Owner:
Closed: Jun 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac , Fuchsia
Pri: 1
Type: Bug-Security

Use-of-uninitialized-value in blink::ImageFrame::BlendRGBARaw

Reported by ClusterFuzz (Project Member), Jun 7 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5903999925223424

Fuzzer: noel-image-surku
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  blink::ImageFrame::BlendRGBARaw
  blink::PNGImageDecoder::RowAvailable
  cr_png_push_process_row
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=561503:561504

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5903999925223424

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Comment 1 by ClusterFuzz (Project Member), Jun 7 2018

Components: Internals>Images>Codecs
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 2 by ClusterFuzz (Project Member), Jun 7 2018

Cc: brianosman@google.com
Labels: Test-Predator-Auto-CC
Automatically adding ccs based on suspected regression changelists:

Color transform APNG frames that blend over previous to a temp buffer by brianosman@google.com - https://chromium.googlesource.com/chromium/src/+/028cbb7d3a185a8564eda3a85dee31e0906886e3

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.

Comment 3 by sheriffbot@chromium.org (Project Member), Jun 7 2018

Labels: M-68 Target-68

Comment 4 by sheriffbot@chromium.org (Project Member), Jun 7 2018

Labels: ReleaseBlock-Stable
This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it.

If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by sheriffbot@chromium.org (Project Member), Jun 7 2018

Labels: Pri-1
Fix incoming. Bug is mine, but pre-dates the suspected CL.

Comment 7 by bugdroid1@chromium.org (Project Member), Jun 7 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/24721cdae9f02bdc15ec68bf39265b1b2bdb8c4b

commit 24721cdae9f02bdc15ec68bf39265b1b2bdb8c4b
Author: Brian Osman <brianosman@google.com>
Date: Thu Jun 07 20:41:41 2018

Always use SkColorSpace::Make(skcms_ICCProfile&) to create fallback color space

This factory rejects profiles with non-invertible XYZ matrices.
The old code accepted those matrices, allowing the SkImage color
space to have such a matrix. That led to failures when attempting
to decode an image (and transform to that space).

Bug:  chromium:850354 
Change-Id: I37de7ece181eeee0d6e8a5b389e6a6abf95e1ad3
Reviewed-on: https://chromium-review.googlesource.com/1091144
Reviewed-by: Leon Scroggins <scroggo@chromium.org>
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Klein <mtklein@chromium.org>
Commit-Queue: Brian Osman <brianosman@google.com>
Cr-Commit-Position: refs/heads/master@{#565394}
[modify] https://crrev.com/24721cdae9f02bdc15ec68bf39265b1b2bdb8c4b/third_party/blink/renderer/platform/image-decoders/image_decoder.cc

Labels: OS-Android OS-Chrome OS-Fuchsia OS-Mac OS-Windows
Owner: brianosman@chromium.org
Status: Started (was: Untriaged)
Status: Fixed (was: Started)
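The commit message above says the fix routes fallback color space creation through a factory that rejects ICC profiles whose XYZ matrix is not invertible, so a bad matrix is caught when the color space is constructed instead of surfacing later as a decode failure (here, as uninitialized pixels in the APNG blend path). The following C++ is an added illustration of that validation step, not Chromium's or Skia's code: it uses a hypothetical Mat3 type rather than skcms_Matrix3x3, and the two sample matrices (an approximate sRGB-to-XYZ D50 matrix and a rank-deficient variant with two identical rows) are constructed for the example.

```cpp
#include <array>
#include <cmath>
#include <cstdio>

// Hypothetical row-major 3x3 matrix type for this example (not skcms_Matrix3x3).
using Mat3 = std::array<std::array<double, 3>, 3>;

// Determinant by cofactor expansion along the first row.
double Det3(const Mat3& m) {
  return m[0][0] * (m[1][1] * m[2][2] - m[1][2] * m[2][1])
       - m[0][1] * (m[1][0] * m[2][2] - m[1][2] * m[2][0])
       + m[0][2] * (m[1][0] * m[2][1] - m[1][1] * m[2][0]);
}

// Writes the inverse of m into *out and returns true, or returns false when m
// is singular (|det| below eps, or not finite). This is the gate the fix relies
// on: a profile whose to-XYZ matrix cannot be inverted is refused up front
// rather than carried into the decoder. The tolerance is chosen for matrices
// whose entries are of order 1, as color primaries are.
bool Invert3(const Mat3& m, Mat3* out, double eps = 1e-12) {
  const double det = Det3(m);
  if (!std::isfinite(det) || std::fabs(det) < eps) return false;
  const double inv_det = 1.0 / det;
  Mat3& r = *out;
  // Adjugate (transposed cofactor matrix) scaled by 1/det.
  r[0][0] =  (m[1][1] * m[2][2] - m[1][2] * m[2][1]) * inv_det;
  r[0][1] = -(m[0][1] * m[2][2] - m[0][2] * m[2][1]) * inv_det;
  r[0][2] =  (m[0][1] * m[1][2] - m[0][2] * m[1][1]) * inv_det;
  r[1][0] = -(m[1][0] * m[2][2] - m[1][2] * m[2][0]) * inv_det;
  r[1][1] =  (m[0][0] * m[2][2] - m[0][2] * m[2][0]) * inv_det;
  r[1][2] = -(m[0][0] * m[1][2] - m[0][2] * m[1][0]) * inv_det;
  r[2][0] =  (m[1][0] * m[2][1] - m[1][1] * m[2][0]) * inv_det;
  r[2][1] = -(m[0][0] * m[2][1] - m[0][1] * m[2][0]) * inv_det;
  r[2][2] =  (m[0][0] * m[1][1] - m[0][1] * m[1][0]) * inv_det;
  return true;
}

Mat3 Mul3(const Mat3& a, const Mat3& b) {
  Mat3 r{};
  for (int i = 0; i < 3; ++i)
    for (int j = 0; j < 3; ++j)
      for (int k = 0; k < 3; ++k) r[i][j] += a[i][k] * b[k][j];
  return r;
}

// Largest absolute deviation of m from the identity matrix.
double MaxIdentityError(const Mat3& m) {
  double worst = 0.0;
  for (int i = 0; i < 3; ++i)
    for (int j = 0; j < 3; ++j)
      worst = std::fmax(worst, std::fabs(m[i][j] - (i == j ? 1.0 : 0.0)));
  return worst;
}

// What a color space factory would check before accepting a profile matrix.
bool IsUsableProfileMatrix(const Mat3& m) {
  Mat3 unused;
  return Invert3(m, &unused);
}

// Round-trip check: max |M * M^-1 - I|, or -1.0 if M was rejected as singular.
double InverseRoundTripError(const Mat3& m) {
  Mat3 inv;
  if (!Invert3(m, &inv)) return -1.0;
  return MaxIdentityError(Mul3(m, inv));
}

// Constructed sample inputs for this example.
const Mat3 kSrgbToXyzD50 = {{{0.4360, 0.3851, 0.1431},
                             {0.2225, 0.7169, 0.0606},
                             {0.0139, 0.0971, 0.7141}}};
// Two identical primaries: rank 2, so no inverse exists.
const Mat3 kDegenerate = {{{0.4360, 0.3851, 0.1431},
                           {0.4360, 0.3851, 0.1431},
                           {0.0139, 0.0971, 0.7141}}};

int main() {
  std::printf("sRGB-like matrix usable: %s\n",
              IsUsableProfileMatrix(kSrgbToXyzD50) ? "yes" : "no");
  std::printf("round-trip error: %g\n", InverseRoundTripError(kSrgbToXyzD50));
  std::printf("degenerate matrix usable: %s\n",
              IsUsableProfileMatrix(kDegenerate) ? "yes" : "no");
  return 0;
}
```

The point of the example is where the check sits: the singular matrix is refused by the constructor-style function, so nothing downstream ever holds a color space it cannot transform into, which is the failure mode the commit message describes.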

Comment 10 by sheriffbot@chromium.org (Project Member), Jun 8 2018

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify

Comment 11 by ClusterFuzz (Project Member), Jun 11 2018

ClusterFuzz has detected this issue as fixed in range 565393:565394.

Detailed report: https://clusterfuzz.com/testcase?key=5903999925223424

Fuzzer: noel-image-surku
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  blink::ImageFrame::BlendRGBARaw
  blink::PNGImageDecoder::RowAvailable
  cr_png_push_process_row
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=561503:561504
Fixed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=565393:565394

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5903999925223424

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 12 by ClusterFuzz (Project Member), Jun 11 2018

Labels: ClusterFuzz-Verified
Status: Verified (was: Fixed)
ClusterFuzz testcase 5903999925223424 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Labels: Merge-Request-68

Comment 14 by sheriffbot@chromium.org (Project Member), Jun 11 2018

Labels: -Merge-Request-68 Hotlist-Merge-Review Merge-Review-68
This bug requires manual review: M68 has already been promoted to the beta branch, so this requires manual review
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), kariahda@(iOS), bhthompson@(ChromeOS), abdulsyed@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: -Merge-Review-68 Merge-Approved-68
Approving merge for M68. Branch:3440

Comment 16 by bugdroid1@chromium.org (Project Member), Jun 12 2018

Labels: -merge-approved-68 merge-merged-3440
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ae49f5e2c1e538b9822a75f0dc87c1e69c74383a

commit ae49f5e2c1e538b9822a75f0dc87c1e69c74383a
Author: Brian Osman <brianosman@google.com>
Date: Tue Jun 12 20:10:55 2018

Always use SkColorSpace::Make(skcms_ICCProfile&) to create fallback color space

This factory rejects profiles with non-invertible XYZ matrices.
The old code accepted those matrices, allowing the SkImage color
space to have such a matrix. That led to failures when attempting
to decode an image (and transform to that space).

Bug:  chromium:850354 
Change-Id: I37de7ece181eeee0d6e8a5b389e6a6abf95e1ad3
Reviewed-on: https://chromium-review.googlesource.com/1091144
Reviewed-by: Leon Scroggins <scroggo@chromium.org>
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Klein <mtklein@chromium.org>
Commit-Queue: Brian Osman <brianosman@google.com>
Cr-Original-Commit-Position: refs/heads/master@{#565394}(cherry picked from commit 24721cdae9f02bdc15ec68bf39265b1b2bdb8c4b)
Reviewed-on: https://chromium-review.googlesource.com/1097255
Cr-Commit-Position: refs/branch-heads/3440@{#313}
Cr-Branched-From: 010ddcfda246975d194964ccf20038ebbdec6084-refs/heads/master@{#561733}
[modify] https://crrev.com/ae49f5e2c1e538b9822a75f0dc87c1e69c74383a/third_party/blink/renderer/platform/image-decoders/image_decoder.cc

Labels: -ReleaseBlock-Stable

Comment 18 by sheriffbot@chromium.org (Project Member), Sep 14

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot