Avoid FP div by 0 in CPDF_PSEngine::DoOperator() Strictly speaking, it is UB, but does not seem to affect the platforms we care about. Bug: pdfium:1824 Change-Id: Ibfc53cec69ab53b7ed28cac64b495d4a9d7932a6 Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/93051 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fpdfapi/page/cpdf_psengine.cpp b/core/fpdfapi/page/cpdf_psengine.cpp
index 6ae14b3..ecdab3c 100644
--- a/core/fpdfapi/page/cpdf_psengine.cpp
+++ b/core/fpdfapi/page/cpdf_psengine.cpp
@@ -235,7 +235,7 @@
 case PSOP_DIV:
 d2 = Pop();
 d1 = Pop();
- Push(d1 / d2);
+ Push(d2 ? d1 / d2 : 0);
 break;
 case PSOP_IDIV:
 i2 = PopInt();
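Review bot: The new guard in `case PSOP_DIV:` tests only for an exactly-zero divisor, so a denormal or otherwise tiny `d2`, or a NaN/infinite operand, still pushes a non-finite result onto the stack. The operands presumably come from a PostScript calculator function embedded in the PDF, so they are untrusted. If a non-finite value later reaches an integer pop such as the `PopInt()` in the following `PSOP_IDIV` case, a plain float-to-int cast there would itself be undefined; PopInt's body is not visible here, so that needs confirming. I would also make the comparison explicit and document the deviation from PostScript, which raises `undefinedresult` for this case: `// Division by zero pushes 0, matching IDIV and MOD.` above `Push(d2 != 0 ? d1 / d2 : 0);`. The enclosing switch in DoOperator() starts and ends outside the hunk.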
diff --git a/core/fpdfapi/page/cpdf_psengine_unittest.cpp b/core/fpdfapi/page/cpdf_psengine_unittest.cpp
index fdaea52..4141c25 100644
--- a/core/fpdfapi/page/cpdf_psengine_unittest.cpp
+++ b/core/fpdfapi/page/cpdf_psengine_unittest.cpp
@@ -103,12 +103,15 @@
 EXPECT_FLOAT_EQ(5.0f, DoOperator1(&engine, -5, PSOP_ABS));
 }
-TEST(CPDF_PSEngine, IDivByZero) {
+TEST(CPDF_PSEngine, DivByZero) {
 CPDF_PSEngine engine;
 // Integer divide by zero is defined as resulting in 0.
 EXPECT_FLOAT_EQ(0.0f, DoOperator2(&engine, 100, 0.0, PSOP_IDIV));
 EXPECT_FLOAT_EQ(0.0f, DoOperator2(&engine, 100, 0.0, PSOP_MOD));
+
+ // floating divide by zero is defined as resulting in 0.
+ EXPECT_FLOAT_EQ(0.0f, DoOperator2(&engine, 100, 0.0, PSOP_DIV));
 }
 TEST(CPDF_PSEngine, Ceiling) {
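Review bot: The added `PSOP_DIV` expectation in `DivByZero` covers only a positive dividend over `0.0`, leaving the `0 / 0` and negative-zero divisor cases unpinned. Both take the same branch of the new guard, and they are where a NaN or a sign-dependent result would show up if the guard were ever rewritten. Consider adding `EXPECT_FLOAT_EQ(0.0f, DoOperator2(&engine, 0, 0.0, PSOP_DIV));` and `EXPECT_FLOAT_EQ(0.0f, DoOperator2(&engine, 100, -0.0, PSOP_DIV));`. The new comment would also match the one above it better as `// Floating-point divide by zero is defined as resulting in 0.`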