From 37369f208496646b88e9728f59a6f7eabc307a96 Mon Sep 17 00:00:00 2001
From: Kristian Evers
Date: Wed, 31 May 2017 19:34:58 +0300
Subject: Disallow +s=0 when in 4-param. mode. Avoids zero-division in PJ_helmert.c Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1956 Credit to OSS-Fuzz.
---
 src/PJ_helmert.c | 7 +++++--
 src/pj_strerrno.c | 1 +
 src/projects.h | 1 +
 3 files changed, 7 insertions(+), 2 deletions(-) (limited to 'src')
diff --git a/src/PJ_helmert.c b/src/PJ_helmert.c
index 0576b5e5..d5d5a683 100644
--- a/src/PJ_helmert.c
+++ b/src/PJ_helmert.c
@@ -520,12 +520,15 @@ PJ *PROJECTION(helmert) {
 if (pj_param (P->ctx, P->params, "ttheta").i) {
 Q->theta_0 = pj_param (P->ctx, P->params, "dtheta").f * ARCSEC_TO_RAD;
 Q->fourparam = 1;
+ Q->scale_0 = 1.0; /* default scale for the 4-param shift */
 }
 /* Scale */
- if (pj_param (P->ctx, P->params, "ts").i)
+ if (pj_param (P->ctx, P->params, "ts").i) {
 Q->scale_0 = pj_param (P->ctx, P->params, "ds").f;
-
+ if (pj_param (P->ctx, P->params, "ttheta").i && Q->scale_0 == 0.0)
+ return freeup_msg(P, -PJD_ERR_INVALID_SCALE);
+ }
 /* Translation rates */
 if (pj_param(P->ctx, P->params, "tdx").i)
diff --git a/src/pj_strerrno.c b/src/pj_strerrno.c
index 36b7de8a..2bcdc356 100644
--- a/src/pj_strerrno.c
+++ b/src/pj_strerrno.c
@@ -57,6 +57,7 @@ pj_err_list[] = {
 "invalid sweep axis, choose x or y", /* -49 */
 "malformed pipeline", /* -50 */
 "unit conversion factor must be > 0", /* -51 */
+ "invalid scale", /* -52 */
 };
 char *pj_strerrno(int err) {
diff --git a/src/projects.h b/src/projects.h
index e30468a1..183dae6d 100644
--- a/src/projects.h
+++ b/src/projects.h
@@ -457,6 +457,7 @@ struct FACTORS {
 #define PJD_ERR_AXIS -47
 #define PJD_ERR_GRID_AREA -48
 #define PJD_ERR_CATALOG -49
+#define PJD_ERR_INVALID_SCALE -52
 struct projFileAPI_t;
--
cgit v1.2.3
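Review bot: The zero check added inside the `+s` branch of src/PJ_helmert.c calls `pj_param (P->ctx, P->params, "ttheta")` a second time even though `Q->fourparam` was set to 1 a few lines earlier for the same condition; `if (Q->fourparam && Q->scale_0 == 0.0)` expresses it with a single source of truth (assuming `Q` starts zeroed, which the hunk does not show). The comparison rejects only an exact `0.0`, and the division it protects is outside this hunk, so it is worth confirming at that site that nothing adjusts the scale after setup (the trailing context goes on to parse rate parameters) and that a non-finite `+s` value cannot reach it. A short comment on the new check, such as `/* 4-param mode divides by the scale, so s=0 is rejected */`, would record why zero is special here. The body of `PROJECTION(helmert)` starts before and continues after the hunk.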
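Review bot: The new `"invalid scale"` entry in src/pj_strerrno.c is tied to `PJD_ERR_INVALID_SCALE` in the src/projects.h hunk only by the hand-written `/* -52 */` index comment, and the visible context already shows the two files drifting apart: this table labels -49 as "invalid sweep axis, choose x or y" while projects.h defines `PJD_ERR_CATALOG` as -49, and no macros for -50 or -51 appear next to the new one. If `pj_strerrno` indexes `pj_err_list` by the negated code (its body is outside the hunk), a mismatch gives the caller a wrong message, and a code beyond the end of the table would need a bounds check there to avoid an out-of-range read. A comment at the macro, such as `/* must equal the position of "invalid scale" in pj_err_list[] (pj_strerrno.c) */`, would make the coupling explicit for the next person who adds an error code.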