From 7ae1b8e86a694e25ef3785ac1896fdb8ee5f487c Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Wed, 20 Mar 2019 18:07:21 +0100
Subject: imw_p: prevent division by zero in inverse path

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13828
Credit to OSS Fuzz
---
 src/projections/imw_p.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'src/projections/imw_p.cpp')

diff --git a/src/projections/imw_p.cpp b/src/projections/imw_p.cpp
index 723fcc48..41882df2 100644
--- a/src/projections/imw_p.cpp
+++ b/src/projections/imw_p.cpp
@@ -116,7 +116,12 @@ static PJ_LP e_inverse (PJ_XY xy, PJ *P) {          /* Ellipsoidal, inverse */
     lp.lam = xy.x / cos(lp.phi);
     do {
         t = loc_for(lp, P, &yc);
-        lp.phi = ((lp.phi - Q->phi_1) * (xy.y - yc) / (t.y - yc)) + Q->phi_1;
+        const double denom = t.y - yc;
+        if( denom == 0 ) {
+            proj_errno_set(P, PJD_ERR_NON_CONVERGENT);
+            return proj_coord_error().lp;
+        }
+        lp.phi = ((lp.phi - Q->phi_1) * (xy.y - yc) / denom) + Q->phi_1;
         lp.lam = lp.lam * xy.x / t.x;
         i ++;
     } while (i < N_MAX_ITER &&
@@ -124,7 +129,8 @@ static PJ_LP e_inverse (PJ_XY xy, PJ *P) {          /* Ellipsoidal, inverse */
 
     if( i == N_MAX_ITER )
     {
-        lp.lam = lp.phi = HUGE_VAL;
+        proj_errno_set(P, PJD_ERR_NON_CONVERGENT);
+        return proj_coord_error().lp;
     }
 
     return lp;
-- 
cgit v1.2.3