From e08b7bddd25349a24a294616e4d9c984c138e531 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Tue, 26 Mar 2019 15:49:42 +0100 Subject: omerc inverse: fix division Test case https://oss-fuzz.com/testcase-detail/5739351578771456 of https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13894 Credit to OSS Fuzz --- src/projections/omerc.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index e9b7b4a0..c33f6489 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -97,6 +97,10 @@ static PJ_LP e_inverse (PJ_XY xy, PJ *P) { /* Ellipsoidal, inverse */ u = xy.y * Q->cosrot + xy.x * Q->sinrot + Q->u_0; } Qp = exp(- Q->BrA * v); + if( Qp == 0 ) { + proj_errno_set(P, PJD_ERR_INVALID_X_OR_Y); + return proj_coord_error().lp; + } Sp = .5 * (Qp - 1. / Qp); Tp = .5 * (Qp + 1. / Qp); Vp = sin(Q->BrA * u); -- cgit v1.2.3 From 00dffd7ace356d7cb39e2c515237d4351f5b5666 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Thu, 11 Apr 2019 00:14:26 +0200 Subject: omerc: avoid division by zero when |lat_0|=90 Partially revert e3346bb39c860883ed9a8ada0657139118e21ef0 (#195) Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14136 Credit to OSS Fuzz --- src/projections/omerc.cpp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index c33f6489..4d78fbef 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -191,6 +191,9 @@ PJ *PROJECTION(omerc) { gamma = alpha_c; } else alpha_c = aasin(P->ctx, D*sin(gamma0 = gamma)); + if( fabs(fabs(P->phi0) - M_HALFPI) <= TOL ) { + return pj_default_destructor(P, PJD_ERR_LAT_0_OR_ALPHA_EQ_90); + } P->lam0 = lamc - aasin(P->ctx, .5 * (F - 1. / F) * tan(gamma0)) / Q->B; } else { -- cgit v1.2.3 From c1e730312965831e6b9c2093677a67716c198622 Mon Sep 17 00:00:00 2001 
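Review bot: The `Qp == 0` test in `e_inverse` only catches underflow of `exp(- Q->BrA * v)`; if the exponent is large and positive `Qp` overflows to infinity, and a NaN in `xy` also compares unequal to zero, so `Sp` and `Tp` on the following lines can still be non-finite. Because `xy` is caller-supplied, consider rejecting every unusable value in the same branch, e.g. `if( Qp == 0 || !std::isfinite(Qp) ) {` (assuming `<cmath>` is reachable from this file, which the hunk does not show). The rest of the function lies outside the hunk, so it cannot be confirmed from here whether later code already rejects non-finite `Sp`/`Tp`.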
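Review bot: The new `fabs(fabs(P->phi0) - M_HALFPI) <= TOL` guard in `PROJECTION(omerc)` has no comment saying which term it protects, and the `P->lam0` statement right after it divides by both `F` and `Q->B`. A short comment such as `// |lat_0| = 90 leads to a division by zero below (oss-fuzz 14136)` would keep a later cleanup from dropping it again; the commit message says this partially reverts an earlier removal. The guard also runs after `aasin(P->ctx, D*sin(gamma0 = gamma))` on the preceding line, so if `D` is already degenerate at the pole (its computation is outside the hunk), the check would be better placed where `P->phi0` is first used.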
From: Even Rouault Date: Thu, 11 Apr 2019 00:21:24 +0200 Subject: omerc: avoid division by zero Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14138 Credit to OSS Fuzz --- src/projections/omerc.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index 4d78fbef..c0278043 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -209,8 +209,11 @@ PJ *PROJECTION(omerc) { lam2 += M_TWOPI; P->lam0 = adjlon(.5 * (lam1 + lam2) - atan( J * tan(.5 * Q->B * (lam1 - lam2)) / p) / Q->B); - gamma0 = atan(2. * sin(Q->B * adjlon(lam1 - P->lam0)) / - (F - 1. / F)); + const double denom = F - 1. / F; + if( denom == 0 ) { + return pj_default_destructor(P, PJD_ERR_INVALID_ECCENTRICITY); + } + gamma0 = atan(2. * sin(Q->B * adjlon(lam1 - P->lam0)) / denom); gamma = alpha_c = aasin(P->ctx, D * sin(gamma0)); } Q->singam = sin(gamma0); -- cgit v1.2.3 From 8ae2f83174808ac41324c33a749b9cb7ac7eca51 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Tue, 16 Apr 2019 22:02:26 +0200 Subject: omerc: avoid division by zero Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14279 Credit to OSS Fuzz --- src/projections/omerc.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index c0278043..e07c209e 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -201,6 +201,10 @@ PJ *PROJECTION(omerc) { L = pow(pj_tsfn(phi2, sin(phi2), P->e), Q->B); F = Q->E / H; p = (L - H) / (L + H); + if( p == 0 ) { + // Not quite, but es is very close to 1... + return pj_default_destructor(P, PJD_ERR_INVALID_ECCENTRICITY); + } J = Q->E * Q->E; J = (J - L * H) / (J + L * H); if ((con = lam1 - lam2) < -M_PI) -- cgit v1.2.3 From 318dab0d074a7bfd9d0724e674777aa10422d4e6 Mon Sep 17 00:00:00 2001 
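Review bot: `denom` is computed as `F - 1. / F` before anything checks `F`, so an `F` of exactly zero still divides by zero on the new `const double denom` line and produces an infinite `denom` that the `denom == 0` test lets through. `F` is assigned outside this hunk, so whether zero is reachable cannot be confirmed here, but the guard is cheap: put `if( F == 0 ) { return pj_default_destructor(P, PJD_ERR_INVALID_ECCENTRICITY); }` ahead of the `denom` line. The same `F - 1. / F` term appears unguarded in the `P->lam0 = lamc - aasin(...)` statement elsewhere in this function. A one-line comment on why a zero `denom` (that is, `F` equal to 1 or -1) is reported as an eccentricity error would also help the next reader.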
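Review bot: The `p == 0` guard comes after two divisions that the context lines leave unchecked, `F = Q->E / H` and `p = (L - H) / (L + H)`. If `H` or `L + H` is zero the quotient is infinite or NaN, and a NaN `p` compares unequal to zero, so it passes this test and reaches the later `/ p` in the `P->lam0` expression; whether those values can occur depends on code outside the hunk. Consider testing the denominators first, e.g. `if( H == 0 || L + H == 0 ) { return pj_default_destructor(P, PJD_ERR_INVALID_ECCENTRICITY); }` before `F` is computed. The comment `// Not quite, but es is very close to 1...` would be clearer if it stated that `L == H` is the condition that triggers the branch.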
From: Even Rouault Date: Sat, 20 Apr 2019 17:49:37 +0200 Subject: omerc: validate lat_1 and lat_2 to avoid divison by zero Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14384 Credit to OSS Fuzz --- src/projections/omerc.cpp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index e07c209e..0de3aa7d 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -154,6 +154,8 @@ PJ *PROJECTION(omerc) { phi1 = pj_param(P->ctx, P->params, "rlat_1").f; lam2 = pj_param(P->ctx, P->params, "rlon_2").f; phi2 = pj_param(P->ctx, P->params, "rlat_2").f; + if (fabs(phi1) > M_HALFPI || fabs(phi2) > M_HALFPI) + return pj_default_destructor(P, PJD_ERR_LAT_LARGER_THAN_90); if (fabs(phi1 - phi2) <= TOL || (con = fabs(phi1)) <= TOL || fabs(con - M_HALFPI) <= TOL || -- cgit v1.2.3 From 00980bf63fae6d350f425c44a648f33d7c09a931 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Fri, 26 Apr 2019 18:18:30 +0200 Subject: Prefix inverse and forward functions by their projection names This is mostly to have better OSSFuzz report. Currently a lot of bug summaries are like `proj4/standard_fuzzer: Divide-by-zero in s_inverse` By prefixing the projection name, we will get better reports, like `Divide-by-zero in airy_s_inverse` This also makes it slightly easier to set a breakpoint by function name. --- src/projections/omerc.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/projections/omerc.cpp') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index 0de3aa7d..954023df 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp 
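Review bot: The range check on `phi1`/`phi2` is written so that NaN passes it: `fabs(NaN) > M_HALFPI` is false, and the `<= TOL` comparisons that follow are false as well. Whether `pj_param(...).f` can return NaN for `lat_1`/`lat_2` is not visible in this hunk, but stating the check in accept form closes the gap at no cost: `if (!(fabs(phi1) <= M_HALFPI && fabs(phi2) <= M_HALFPI))`. The body is also unbraced, unlike the other guards added to this function in the same series.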
@@ -45,7 +45,7 @@ struct pj_opaque { #define EPS 1.e-10 -static PJ_XY e_forward (PJ_LP lp, PJ *P) { /* Ellipsoidal, forward */ +static PJ_XY omerc_e_forward (PJ_LP lp, PJ *P) { /* Ellipsoidal, forward */ PJ_XY xy = {0.0,0.0}; struct pj_opaque *Q = static_cast(P->opaque); double S, T, U, V, W, temp, u, v; @@ -84,7 +84,7 @@ static PJ_XY e_forward (PJ_LP lp, PJ *P) { /* Ellipsoidal, forward */ } -static PJ_LP e_inverse (PJ_XY xy, PJ *P) { /* Ellipsoidal, inverse */ +static PJ_LP omerc_e_inverse (PJ_XY xy, PJ *P) { /* Ellipsoidal, inverse */ PJ_LP lp = {0.0,0.0}; struct pj_opaque *Q = static_cast(P->opaque); double u, v, Qp, Sp, Tp, Vp, Up; @@ -238,8 +238,8 @@ PJ *PROJECTION(omerc) { F = 0.5 * gamma0; Q->v_pole_n = Q->ArB * log(tan(M_FORTPI - F)); Q->v_pole_s = Q->ArB * log(tan(M_FORTPI + F)); - P->inv = e_inverse; - P->fwd = e_forward; + P->inv = omerc_e_inverse; + P->fwd = omerc_e_forward; return P; } -- cgit v1.2.3