avcodec/vorbisdec: Check parameters in vorbis_floor0_decode() before divide

Fixes: division by zero Fixes: 16183/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-5688966782648320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit aecc9b96d613f54d772e9475738bb54e0e1f182e) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2019-08-04 12:28:55 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2019-11-15 12:25:45 +0100
commit: 8f14f0659539f34f41eaeaa4cddd6c6c37f6b38c (patch)
tree: 6cbc61ba3c7329c54fca6c26cd1d6faaf97a8601
parent: b7fcf8bf26a3421d6f753f5e762022fc11cb52e5 (diff)
download: ffmpeg-8f14f0659539f34f41eaeaa4cddd6c6c37f6b38c.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/libavcodec/vorbisdec.c b/libavcodec/vorbisdec.c
index fa85266f41..12a3fe9c2e 100644
--- a/libavcodec/vorbisdec.c
+++ b/libavcodec/vorbisdec.c
@@ -1182,6 +1182,9 @@ static int vorbis_floor0_decode(vorbis_context *vc,
                     q *= q;
                 }
 
+                if (p + q == 0.0)
+                    return AVERROR_INVALIDDATA;
+
                 /* calculate linear floor value */
                 q = exp((((amplitude*vf->amplitude_offset) /
                           (((1ULL << vf->amplitude_bits) - 1) * sqrt(p + q)))
author	Michael Niedermayer <michael@niedermayer.cc>	2019-08-04 12:28:55 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2019-11-15 12:25:45 +0100
commit	8f14f0659539f34f41eaeaa4cddd6c6c37f6b38c (patch)
tree	6cbc61ba3c7329c54fca6c26cd1d6faaf97a8601
parent	b7fcf8bf26a3421d6f753f5e762022fc11cb52e5 (diff)
download	ffmpeg-8f14f0659539f34f41eaeaa4cddd6c6c37f6b38c.tar.gz