Avoid divide by zero in CFX_ImageTransformer Fix an issue found by a fuzzer that is generally not happening in the wild. Bug: 42270841 Change-Id: I886ad472788f80c70a883985848f2f322cc0179e Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/123350 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@google.com>

commit: 518210c82872d7bb932937fd0ee1cea635530544 [log] [tgz]
author: Lei Zhang <thestig@chromium.org> Wed Aug 14 17:51:01 2024 +0000
committer: Pdfium LUCI CQ <pdfium-scoped@luci-project-accounts.iam.gserviceaccount.com> Wed Aug 14 17:51:01 2024 +0000
tree: 7bb60dec9d612cc4a71b881ba0be355b6434347b
parent: 1510ffe6cc9dd1c1715ab4f53239197f6c46991b [diff]
diff --git a/core/fxge/dib/cfx_imagetransformer.cpp b/core/fxge/dib/cfx_imagetransformer.cpp
index c84944f..0d3bcce 100644
--- a/core/fxge/dib/cfx_imagetransformer.cpp
+++ b/core/fxge/dib/cfx_imagetransformer.cpp

@@ -178,7 +178,15 @@
   }
 
   int stretch_width = static_cast<int>(ceil(hypotf(m_matrix.a, m_matrix.b)));
+  if (stretch_width == 0) {
+    return;
+  }
+
   int stretch_height = static_cast<int>(ceil(hypotf(m_matrix.c, m_matrix.d)));
+  if (stretch_height == 0) {
+    return;
+  }
+
   CFX_Matrix stretch_to_dest(1.0f, 0.0f, 0.0f, -1.0f, 0.0f, stretch_height);
   stretch_to_dest.Concat(
       CFX_Matrix(m_matrix.a / stretch_width, m_matrix.b / stretch_width,
commit	518210c82872d7bb932937fd0ee1cea635530544	[log] [tgz]
author	Lei Zhang <thestig@chromium.org>	Wed Aug 14 17:51:01 2024 +0000
committer	Pdfium LUCI CQ <pdfium-scoped@luci-project-accounts.iam.gserviceaccount.com>	Wed Aug 14 17:51:01 2024 +0000
tree	7bb60dec9d612cc4a71b881ba0be355b6434347b
parent	1510ffe6cc9dd1c1715ab4f53239197f6c46991b [diff]