Information

File: source/fitz/load-tiff.c
Function: tiff_decode_ifd()

There is a division0by-zero in tiff_decode_ifd().
To reproduce, use fz_load_tiff on data from the attached document.

Crash Trace:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==25690==ERROR: AddressSanitizer: FPE on unknown address 0x56250256ca26 (pc 0x56250256ca26 bp 0x7ffd983d1930 sp 0x7ffd983d1870 T0)
    #0 0x56250256ca25 in tiff_decode_ifd source/fitz/load-tiff.c:1261
    #1 0x56250256e2ed in fz_load_tiff_subimage source/fitz/load-tiff.c:1390
    #2 0x56250256eb97 in fz_load_tiff source/fitz/load-tiff.c:1431

Attachments:
poc.tiff

References: