Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Automatically assigning owner based on suspected regression changelist https://pdfium.googlesource.com/pdfium/+/30dc6aaf878b2c55efcf7598fdb8886e06d14e01 (Add FxAlignToBoundary<>() template helper function.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium/+/3486cf2d29b4cea2083d3def150b19af94b89562

commit 3486cf2d29b4cea2083d3def150b19af94b89562
Author: Tom Sepez <tsepez@chromium.org>
Date: Wed Nov 28 21:27:50 2018

Avoid overflow when rounding 2147483616 to a 32-bit boundary.

Looks like the optimizer didn't fold my N - 1, so currently we add
N and overflow, then subtract 1 and underflow, in this one legitimate
case. Caller is responsible otherwise.

Bug:  chromium:909718 
Change-Id: Idec62ce25ed70897a2d3294a27a146f83c6677da
Reviewed-on: https://pdfium-review.googlesource.com/c/45873
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>

[modify] https://crrev.com/3486cf2d29b4cea2083d3def150b19af94b89562/core/fxcrt/fx_memory.h

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1bcdee9ce968577c851bd4459fff3cad94b7097a

commit 1bcdee9ce968577c851bd4459fff3cad94b7097a
Author: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com>
Date: Thu Nov 29 00:34:31 2018

Roll src/third_party/pdfium b67698386664..0559d9d48f8b (6 commits)

https://pdfium.googlesource.com/pdfium.git/+log/b67698386664..0559d9d48f8b


git log b67698386664..0559d9d48f8b --date=short --no-merges --format='%ad %ae %s'
2018-11-28 thestig@chromium.org Get rid of "exceptions" in CBC_OneDimWriter::AppendPattern().
2018-11-28 tsepez@chromium.org Avoid overflow when rounding 2147483616 to a 32-bit boundary.
2018-11-28 thestig@chromium.org Get rid of "exceptions" in CBC_QRCoderMaskUtil::GetDataMaskBit().
2018-11-28 thestig@chromium.org Get rid of "exceptions" in CBC_QRCoderMode::GetCharacterCountBits().
2018-11-28 tsepez@chromium.org Remove redundant CPDF_PDF417::CODEWORD_TABLE high half-word
2018-11-28 tsepez@chromium.org Bound acess to g_ arrays in BC_PDF417HighLevelEncoder.cpp


Created with:
  gclient setdep -r src/third_party/pdfium@0559d9d48f8b

The AutoRoll server is located here: https://autoroll.skia.org/r/pdfium-autoroll

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should
be CC'd on the roll, and stop the roller if necessary.



BUG= chromium:909718 ,chromium:906465
TBR=dsinclair@chromium.org

Change-Id: Ibceba319de2c5b663eff58cdbf3a50bdeac94a8f
Reviewed-on: https://chromium-review.googlesource.com/c/1354340
Reviewed-by: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com>
Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#611959}
[modify] https://crrev.com/1bcdee9ce968577c851bd4459fff3cad94b7097a/DEPS

ClusterFuzz has detected this issue as fixed in range 611955:611972.

Detailed report: https://clusterfuzz.com/testcase?key=5735766963257344

Fuzzer: libFuzzer_pdf_codec_jbig2_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  int FxAlignToBoundary<32, int>
  CJBig2_Image::CJBig2_Image
  pdfium::internal::MakeUniqueResult<CJBig2_Image>::Scalar pdfium::MakeUnique<CJBi
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=594089:594104
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=611955:611972

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5735766963257344

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5735766963257344 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.