speexenc encode wav file dos vulnerability

[Aurorainfinity]

when speexenc encode wav file , deal with channels 0 will generate a Division by zero error which will cause the software crash
sample.tar.gz
usage :
speexenc sample -

vulnerability function:
static int read_samples(FILE *fin,int frame_size, int bits, int channels, int lsb, short * input, char *buff, spx_int32_t size)
{
unsigned char in[MAX_FRAME_BYTES2];
int i;
short *s;
int nb_read;
size_t to_read;

if (size && *size<=0)
{
return 0;
}

to_read = bits/8channelsframe_size;

[tmatth]

@Aurorainfinity thanks, there's a fix waiting for review here if you want to test it out:
https://gitlab.xiph.org/xiph/speex/-/merge_requests/1

FYI: We only use github as a mirror, that's why the MR is over on our gitlab instance.

[tmatth]

Just to clarify, the code in question is not part of the libspeex library, it's only part of the speexenc example program.