Division by zero bug from libavformat/rawenc.c:70:50

[Suhwan]

Summary of the bug:
There's a division by zero bug in libavformat/rawenc.c:70.

How to reproduce:

run following cmd with tmp.avi file:
% ffmpeg_g  -y -i tmp.avi -map 0 -c:a:104 utvideo -c:v magicyuv -disposition:a g722 -disposition:s:8 pam -vframes 0 -aframes 25 -ar 22050 -ac 5 tmp_.adx

ffmpeg version : N-94137-g89b96900fa Copyright (c) 2000-2019 the FFmpeg developers

built with clang-9, clang-asan option.

[Carl Eugen Hoyos]

Possible patch sent.

[Carl Eugen Hoyos]

$ ffmpeg -f lavfi -i testsrc=d=1 -c:v mpeg4 -map 0 -f adx -y /dev/null 
ffmpeg version N-94142-g3b2082c663 Copyright (c) 2000-2019 the FFmpeg developers
  built with gcc 9 (SUSE Linux)
  configuration: --enable-gpl
  libavutil      56. 30.100 / 56. 30.100
  libavcodec     58. 53.100 / 58. 53.100
  libavformat    58. 28.101 / 58. 28.101
  libavdevice    58.  7.100 / 58.  7.100
  libavfilter     7. 55.100 /  7. 55.100
  libswscale      5.  4.101 /  5.  4.101
  libswresample   3.  4.100 /  3.  4.100
  libpostproc    55.  4.100 / 55.  4.100
Input #0, lavfi, from 'testsrc=d=1':
  Duration: N/A, start: 0.000000, bitrate: N/A
    Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 320x240 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
Stream mapping:
  Stream #0:0 -> #0:0 (rawvideo (native) -> mpeg4 (native))
Press [q] to stop, [?] for help
Output #0, adx, to '/dev/null':
  Metadata:
    encoder         : Lavf58.28.101
    Stream #0:0: Video: mpeg4, yuv420p, 320x240 [SAR 1:1 DAR 4:3], q=2-31, 200 kb/s, 25 fps, 25 tbn, 25 tbc
    Metadata:
      encoder         : Lavc58.53.100 mpeg4
    Side data:
      cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay: -1
[Parsed_testsrc_0 @ 0x24a9780] EOF timestamp not reliable
Floating point exception (core dumped)

[Kamalalochana Subbaiah]

Please confirm if version 4.0.0 of ffmpeg is affected by the above described vulnerability?

[James]

Fixed in aef24efb0c1e65097ab77a4bf9264189bdf3ace3