Issue 855942 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Aug 20
Cc:	attek...@gmail.com
Components:	Internals>Core
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug-Security
External-Fuzzer-Contribution reward-ineligible Security_Severity-Low Security_Impact-Stable Stability-Memory-MemorySanitizer allpublic Clusterfuzz Unreproducible Test-Predator-Auto-Components

Use-of-uninitialized-value in send_delete_event

Project Member Reported by ClusterFuzz, Jun 24 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5658640372203520

Fuzzer: attekett_surku_fuzzer
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  send_delete_event
  gdk_threads_dispatch
  base::MessagePumpGlib::Run
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Low

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5658640372203520

Additional requirements: Requires Gestures

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.

Project Member

Comment 1 by ClusterFuzz, Jun 24 2018

Components: Internals>Core
Labels: Test-Predator-Auto-Components

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Project Member

Comment 2 by sheriffbot@chromium.org, Jun 25 2018

Labels: Pri-2

Comment 3 by mbarbe...@chromium.org, Jul 27

Labels: Security_Impact-Stable

Based on CF crash statistics this seems to affect stable.

Project Member

Comment 4 by ClusterFuzz, Aug 20

Status: WontFix (was: Untriaged)

ClusterFuzz testcase 5658640372203520 is flaky and no longer crashes, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Project Member

Comment 5 by sheriffbot@chromium.org, Aug 21

Labels: -reward-topanel reward-ineligible

Project Member

Comment 6 by sheriffbot@chromium.org, Nov 27

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 855942 link

Issue metadata

Use-of-uninitialized-value in send_delete_event

Issue description

Comment 1 by ClusterFuzz, Jun 24 2018

Comment 1 Deleted

Comment 2 by sheriffbot@chromium.org, Jun 25 2018

Comment 2 Deleted

Comment 3 by mbarbe...@chromium.org, Jul 27

Comment 3 Deleted

Comment 4 by ClusterFuzz, Aug 20

Comment 4 Deleted

Comment 5 by sheriffbot@chromium.org, Aug 21

Comment 5 Deleted

Comment 6 by sheriffbot@chromium.org, Nov 27

Comment 6 Deleted

Sign in to add a comment