Issue metadata
Sign in to add a comment
|
Use-of-uninitialized-value in test_runner::PrintFrameDescription |
||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5045873596432384 Fuzzer: ochang_domfuzzer Job Type: linux_msan_content_shell_drt Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: test_runner::PrintFrameDescription test_runner::WebFrameTestClient::DidFailLoad test_runner::WebFrameTestProxy<content::RenderFrameImpl>::DidFailLoad Sanitizer: memory (MSAN) Recommended Security Severity: Medium Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5045873596432384 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jul 19
This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it. If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 19
,
Jul 19
rbyers@ could you help fix this or triage this to a more appropriate owner? Thanks! The OWNERS file says this is component Tools>Layout (which doesn't exist), so marking this as just "Test" for now. This looks like this might be test-only code, which might make this Security_Impact-None.
,
Jul 25
,
Aug 2
rbyers: Uh oh! This issue still open and hasn't been updated in the last 14 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers? If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one? If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Aug 7
M69 Stable promotion is coming VERY soon. Your bug is labelled as Stable ReleaseBlock, pls make sure to land the fix and request a merge into the release branch ASAP. Thank you.
,
Aug 10
+awhalley@ (Security TPM), this is M69 stable blocker and M69 stable release is coming very soon. PTAL. Thank you.
,
Aug 13
I'm OK not blocking beta for this.
,
Aug 14
ClusterFuzz has detected this issue as fixed in range 582653:582655. Detailed report: https://clusterfuzz.com/testcase?key=5045873596432384 Fuzzer: ochang_domfuzzer Job Type: linux_msan_content_shell_drt Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: test_runner::PrintFrameDescription test_runner::WebFrameTestClient::DidFailLoad test_runner::WebFrameTestProxy<content::RenderFrameImpl>::DidFailLoad Sanitizer: memory (MSAN) Recommended Security Severity: Medium Fixed: https://clusterfuzz.com/revisions?job=linux_msan_content_shell_drt&range=582653:582655 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5045873596432384 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Aug 14
ClusterFuzz testcase 5045873596432384 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Aug 14
,
Nov 20
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by sheriffbot@chromium.org
, Jul 19