From: Petter Reinholdtsen <pere@hungry.com>
Date: Mon, 13 Apr 2020 16:55:21 +0000 (+0200)
Subject: Instead of SIGFPE when bytespersample is zero or negative, return OV_EINVAL
X-Git-Tag: v1.3.7~31
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=0a4beb1d04f802c48016b11fb939690e24173168;p=platform%2Fupstream%2Flibvorbis.git

Instead of SIGFPE when bytespersample is zero or negative, return OV_EINVAL

Based on0002-Avoid-SIGFPE-when-bytespersample-is-zero.patch from Debian,
see https://bugs.debian.org/635906 , adjusted with input from Ralph
Giles.

Signed-off-by: Ralph Giles <giles@thaumas.net>
---

diff --git a/lib/vorbisfile.c b/lib/vorbisfile.c
index 6b7bbee..272072e 100644
--- a/lib/vorbisfile.c
+++ b/lib/vorbisfile.c
@@ -1964,6 +1964,7 @@ long ov_read_filter(OggVorbis_File *vf,char *buffer,int length,
   long samples;
 
   if(vf->ready_state<OPENED)return(OV_EINVAL);
+  if(word<=0)return(OV_EINVAL);
 
   while(1){
     if(vf->ready_state==INITSET){
@@ -1989,6 +1990,8 @@ long ov_read_filter(OggVorbis_File *vf,char *buffer,int length,
     long channels=ov_info(vf,-1)->channels;
     long bytespersample=word * channels;
     vorbis_fpu_control fpu;
+
+    if(channels<1||channels>255)return(OV_EINVAL);
     if(samples>length/bytespersample)samples=length/bytespersample;
 
     if(samples <= 0)