From 8e76c61082c5c74d1e29d5d850b2cdd09ab35ba8 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Tue, 17 Sep 2019 21:41:15 +0200
Subject: helmert: validate scale parameter to avoid later division by zero.
 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16106

---
 src/transformations/helmert.cpp | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/transformations/helmert.cpp')

diff --git a/src/transformations/helmert.cpp b/src/transformations/helmert.cpp
index 63785ea5..7a3e64d0 100644
--- a/src/transformations/helmert.cpp
+++ b/src/transformations/helmert.cpp
@@ -612,6 +612,8 @@ PJ *TRANSFORMATION(helmert, 0) {
     /* Scale */
     if (pj_param (P->ctx, P->params, "ts").i) {
         Q->scale_0 = pj_param (P->ctx, P->params, "ds").f;
+        if( Q->scale_0 <= -1.0e6 )
+            return pj_default_destructor (P, PJD_ERR_INVALID_SCALE);
         if (pj_param (P->ctx, P->params, "ttheta").i && Q->scale_0 == 0.0)
             return pj_default_destructor (P, PJD_ERR_INVALID_SCALE);
     }
-- 
cgit v1.2.3