New issue
Advanced search Search tips

Issue 919343 link

Starred by 1 user
Status: Available
Owner: ----
Cc:
kkaluri@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 3
Type: Bug



Sign in to add a comment

snav: Null-dereference READ in blink::HTMLOptionElement::Selected

Project Member Reported by ClusterFuzz, Jan 6 
Detailed report: https://clusterfuzz.com/testcase?key=5667930171506688

Fuzzer: inferno_twister
Job Type: mac_asan_content_shell
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000060
Crash State:
  blink::HTMLOptionElement::Selected
  blink::HTMLSelectElement::UpdateSelectedState
  blink::HTMLSelectElement::ListBoxDefaultEventHandler
  
Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5667930171506688

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

Comment 1 by kkaluri@chromium.org, Jan 7

Cc: kkaluri@chromium.org
Labels: M-72 Test-Predator-Wrong
Owner: tkent@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.

Using Code Search for the file, "html_select_element.cc" suspecting the below Cl might have caused this issue

Suspect CL: https://chromium.googlesource.com/chromium/src/+/2eca7f41983186468d08839d2ba2ecb76c248f54

tkent@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 2 by tkent@chromium.org, Jan 7

Components: Blink>Forms>Select Blink>HTML>Focus
Labels: -Pri-1 -M-72 Pri-3
Owner: ----
Status: Available (was: Assigned)
Summary: snav: Null-dereference READ in blink::HTMLOptionElement::Selected (was: Null-dereference READ in blink::HTMLOptionElement::Selected)
This is specific to Spatial Navigation, which is not available in Google Chrome.

Sign in to add a comment