From ed6fded4566ee185f6df132e01bdc959289d3836 Mon Sep 17 00:00:00 2001
From: Ingo Schwarze <schwarze@openbsd.org>
Date: Thu, 18 Dec 2014 17:43:41 +0000
Subject: Don't let the modulo operator divide by zero. Found by jsg@ with afl.

---
 roff.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/roff.c b/roff.c
index 5d0d57f8..58fbfd44 100644
--- a/roff.c
+++ b/roff.c
@@ -1576,7 +1576,7 @@ roff_evalnum(struct roff *r, int ln, const char *v,
 			*res *= operand2;
 			break;
 		case '/':
-			if (0 == operand2) {
+			if (operand2 == 0) {
 				mandoc_msg(MANDOCERR_DIVZERO,
 					r->parse, ln, *pos, v);
 				*res = 0;
@@ -1585,6 +1585,12 @@ roff_evalnum(struct roff *r, int ln, const char *v,
 			*res /= operand2;
 			break;
 		case '%':
+			if (operand2 == 0) {
+				mandoc_msg(MANDOCERR_DIVZERO,
+					r->parse, ln, *pos, v);
+				*res = 0;
+				break;
+			}
 			*res %= operand2;
 			break;
 		case '<':
-- 
cgit