Description
The problem of dividing by zero was found during the OSS Fuzz project test.
Project: libexif
Fuzzer: libFuzzer_libexif_exif_loader_fuzzer
Fuzz target binary: exif_loader_fuzzer
Platform Id: linux
Type of test: undefined
Command:
python infra/helper.py build_fuzzers --sanitizer undefined libexif
python infra/helper.py run_fuzzer libexif exif_loader_fuzzer -max_total_time=300 -timeout=180
Results of execution:
exif-entry.c:1057:43: runtime error: division by zero
#0 0x4bd2c0 in exif_entry_get_value /src/libexif/libexif/exif-entry.c:1087:43
#1 0x4b3c7b in content_func(_ExifEntry*, void*) /src/exif_loader_fuzzer.cc:8:3
#2 0x4b4979 in exif_content_foreach_entry /src/libexif/libexif/ecif-content
The cause of this problem is that the division was performed without first checking whether the divisor is zero. The pull request is as follows:
Pull request: division by zero https://github.com/libexif/libexif/pull/32/commits/4431cd0d67c2b17bf764fa9c253f11051ae8355a
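As an added illustration of the divisor check described above (written for this report, not code from libexif or from the linked pull request), the block below decodes a hypothetical EXIF-style unsigned rational (two 32-bit little-endian words, numerator then denominator, as a crafted file would supply them) and formats it only after the denominator has been checked for zero. An unguarded integer-division variant is shown next to it to make the bug class concrete. All names (ExampleRational, example_*) and the 8-byte layout are assumptions for this example.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical EXIF-style unsigned rational: two 32-bit words, numerator then denominator.
 * Constructed type for this example, not libexif's ExifRational. */
typedef struct {
    uint32_t numerator;
    uint32_t denominator;
} ExampleRational;

/* Decode one 32-bit little-endian word from a byte buffer (constructed helper). */
static uint32_t example_get_long(const unsigned char *b)
{
    return (uint32_t)b[0] | ((uint32_t)b[1] << 8) |
           ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
}

/* Decode a rational from an 8-byte buffer. Nothing here validates the denominator:
 * a crafted file can set it to 0, which is the input class the fuzzer produced. */
static ExampleRational example_get_rational(const unsigned char *b)
{
    ExampleRational r;
    r.numerator   = example_get_long(b);
    r.denominator = example_get_long(b + 4);
    return r;
}

/* Unguarded variant of the bug class in the report: integer division on file-controlled
 * words. With den == 0 this is undefined behaviour and UBSan reports "division by zero". */
int example_unguarded_integer_value(uint32_t num, uint32_t den)
{
    return (int)(num / den);
}

/* Guarded formatting. Returns 0 on success and -1 when the denominator is zero; in the
 * zero case the raw fraction is emitted so the caller still receives a string. */
int example_format_rational(const unsigned char *b, char *out, size_t maxlen)
{
    ExampleRational r = example_get_rational(b);
    if (r.denominator == 0) {
        snprintf(out, maxlen, "%" PRIu32 "/0 (invalid)", r.numerator);
        return -1;
    }
    snprintf(out, maxlen, "%.2f", (double)r.numerator / (double)r.denominator);
    return 0;
}

/* Convenience wrapper: encode the two words as a file would and format them.
 * The result is kept in a static buffer readable through example_last_output(). */
static char example_out[64];

int example_format_from_words(uint32_t num, uint32_t den)
{
    unsigned char raw[8];
    for (int i = 0; i < 4; i++) {
        raw[i]     = (unsigned char)(num >> (8 * i));
        raw[4 + i] = (unsigned char)(den >> (8 * i));
    }
    return example_format_rational(raw, example_out, sizeof example_out);
}

const char *example_last_output(void)
{
    return example_out;
}

int main(void)
{
    /* A normal exposure-time style value and a constructed zero denominator. */
    example_format_from_words(1, 125);
    printf("1/125 -> %s\n", example_last_output());
    example_format_from_words(1, 0);
    printf("1/0   -> %s\n", example_last_output());
    return 0;
}
```

The guarded path returns an explicit status rather than silently producing a value, so a caller that cares (a fuzz harness, or a parser that wants to reject the entry) can distinguish a malformed rational from a legitimate one.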