From 685ad56156f320760c92f7f71fa4acbf3e00acc9 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Wed, 10 Apr 2019 23:55:52 +0200 Subject: lsat: avoid division by zero in inverse Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14135 Credit to OSS Fuzz --- src/projections/lsat.cpp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/projections/lsat.cpp b/src/projections/lsat.cpp index 5b7520d3..f9eec1b9 100644 --- a/src/projections/lsat.cpp +++ b/src/projections/lsat.cpp @@ -112,7 +112,6 @@ static PJ_LP e_inverse (PJ_XY xy, PJ *P) { /* Ellipsoidal, inverse */ struct pj_opaque *Q = static_cast(P->opaque); int nn; double lamt, sdsq, s, lamdp, phidp, sppsq, dd, sd, sl, fac, scl, sav, spp; - lamdp = xy.x / Q->b; nn = 50; do { @@ -135,10 +134,14 @@ static PJ_LP e_inverse (PJ_XY xy, PJ *P) { /* Ellipsoidal, inverse */ lamdp -= TOL; spp = sin(phidp); sppsq = spp * spp; + const double denom = 1. - sppsq * (1. + Q->u); + if( denom == 0.0 ) { + proj_errno_set(P, PJD_ERR_INVALID_X_OR_Y); + return proj_coord_error().lp; + } lamt = atan(((1. - sppsq * P->rone_es) * tan(lamdp) * Q->ca - spp * Q->sa * sqrt((1. + Q->q * dd) * ( - 1. - sppsq) - sppsq * Q->u) / cos(lamdp)) / (1. - sppsq - * (1. + Q->u))); + 1. - sppsq) - sppsq * Q->u) / cos(lamdp)) / denom); sl = lamt >= 0. ? 1. : -1.; scl = cos(lamdp) >= 0. ? 1. : -1; lamt -= M_HALFPI * (1. - scl) * sl; -- cgit v1.2.3 From 00dffd7ace356d7cb39e2c515237d4351f5b5666 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Thu, 11 Apr 2019 00:14:26 +0200 Subject: omerc: avoid division by zero when |lat_0|=90 Partially revert e3346bb39c860883ed9a8ada0657139118e21ef0 (#195) Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14136 Credit to OSS Fuzz --- src/projections/omerc.cpp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index c33f6489..4d78fbef 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -191,6 +191,9 @@ PJ *PROJECTION(omerc) { gamma = alpha_c; } else alpha_c = aasin(P->ctx, D*sin(gamma0 = gamma)); + if( fabs(fabs(P->phi0) - M_HALFPI) <= TOL ) { + return pj_default_destructor(P, PJD_ERR_LAT_0_OR_ALPHA_EQ_90); + } P->lam0 = lamc - aasin(P->ctx, .5 * (F - 1. / F) * tan(gamma0)) / Q->B; } else { -- cgit v1.2.3 From c1e730312965831e6b9c2093677a67716c198622 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Thu, 11 Apr 2019 00:21:24 +0200 Subject: omerc: avoid division by zero Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14138 Credit to OSS Fuzz --- src/projections/omerc.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/projections/omerc.cpp b/src/projections/omerc.cpp index 4d78fbef..c0278043 100644 --- a/src/projections/omerc.cpp +++ b/src/projections/omerc.cpp @@ -209,8 +209,11 @@ PJ *PROJECTION(omerc) { lam2 += M_TWOPI; P->lam0 = adjlon(.5 * (lam1 + lam2) - atan( J * tan(.5 * Q->B * (lam1 - lam2)) / p) / Q->B); - gamma0 = atan(2. * sin(Q->B * adjlon(lam1 - P->lam0)) / - (F - 1. / F)); + const double denom = F - 1. / F; + if( denom == 0 ) { + return pj_default_destructor(P, PJD_ERR_INVALID_ECCENTRICITY); + } + gamma0 = atan(2. * sin(Q->B * adjlon(lam1 - P->lam0)) / denom); gamma = alpha_c = aasin(P->ctx, D * sin(gamma0)); } Q->singam = sin(gamma0); -- cgit v1.2.3