Instead of SIGFPE when bytespersample is zero or negative, return OV_EINVAL

Based on0002-Avoid-SIGFPE-when-bytespersample-is-zero.patch from Debian,
see https://bugs.debian.org/635906 , adjusted with input from Ralph
Giles.

Signed-off-by: Ralph Giles <giles@thaumas.net>

diff --git a/lib/vorbisfile.c b/lib/vorbisfile.c
index 6b7bbee..272072e 100644 (file)
--- a/lib/vorbisfile.c
+++ b/lib/vorbisfile.c
@@ -1964,6 +1964,7 @@ long ov_read_filter(OggVorbis_File *vf,char *buffer,int length,
   long samples;
 
   if(vf->ready_state<OPENED)return(OV_EINVAL);
+  if(word<=0)return(OV_EINVAL);
 
   while(1){
     if(vf->ready_state==INITSET){
@@ -1989,6 +1990,8 @@ long ov_read_filter(OggVorbis_File *vf,char *buffer,int length,
     long channels=ov_info(vf,-1)->channels;
     long bytespersample=word * channels;
     vorbis_fpu_control fpu;
+
+    if(channels<1||channels>255)return(OV_EINVAL);
     if(samples>length/bytespersample)samples=length/bytespersample;
 
     if(samples <= 0)