avcodec/pnm: Check scale

Fixes: division by zero Fixes: 22974/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PFM_fuzzer-6270027077779456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/pnm: Check scale
Fixes: division by zero Fixes: 22974/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PFM_fuzzer-6270027077779456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
8e21379d · Michael Niedermayer · 3e651eea · 8e21379d
Commit 8e21379d authored Jun 06, 2020 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

pnm.c libavcodec/pnm.c +1 -1

No files found.
--- a/libavcodec/pnm.c
+++ b/libavcodec/pnm.c
@@ -179,7 +179,7 @@ int ff_pnm_decode_header(AVCodecContext *avctx, PNMContext * const s)
    if (avctx->pix_fmt == AV_PIX_FMT_GBRPF32) {
        pnm_get(s, buf1, sizeof(buf1));
-        if (av_sscanf(buf1, "%f", &s->scale) != 1) {
+        if (av_sscanf(buf1, "%f", &s->scale) != 1 || s->scale == 0.0 || !isfinite(s->scale)) {
            av_log(avctx, AV_LOG_ERROR, "Invalid scale.\n");
            return AVERROR_INVALIDDATA;
        }