a div zero vul in function fetch_and_process_audio() in libtheora 1.1.1
╭─root@linux-jiangxin in /home/jiangxin/experiment/fuzz/AFL/target/libtheora-1.1.1/examples ╰$ gdb encoder_exampleGNU gdb (GDB) 7.9Copyright (C) 2015 Free Software Foundation, Inc.License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law. Type "show copying"and "show warranty" for details.This GDB was configured as "x86_64-unknown-linux-gnu".Type "show configuration" for configuration details.For bug reporting instructions, please see:<http://www.gnu.org/software/gdb/bugs/>.Find the GDB manual and other documentation resources online at:<http://www.gnu.org/software/gdb/documentation/>.For help, type "help".Type "apropos word" to search for commands related to "word"...Reading symbols from encoder_example...done.(gdb) run ../fuzz/out/Master2/crashes/id:000000,sig:08,src:000000,op:flip1,pos:22 xxx.y4mCompressing.... pgl쭌躲£¿K+y*ªFၑﲘ።ڗܙ䆾V䔍ᤆ"h1^E³¯¹3⛟䪩Rp¨푳meɆ/Program received signal SIGFPE, Arithmetic exception.fetch_and_process_audio (audio=0x83b010, audiopage=audiopage@entry=0x7fffffffda10, vo=vo@entry=0x7fffffffde10, vd=vd@entry=0x7fffffffdb20, vb=vb@entry=0x7fffffffdbb0, audioflag=audioflag@entry=0) at encoder_example.c:947947 int toread=4096/2/audio_ch;(gdb) bt#0 fetch_and_process_audio (audio=0x83b010, audiopage=audiopage@entry=0x7fffffffda10, vo=vo@entry=0x7fffffffde10, vd=vd@entry=0x7fffffffdb20, vb=vb@entry=0x7fffffffdbb0, audioflag=audioflag@entry=0) at encoder_example.c:947#1 0x0000000000405a9b in main (argc=<optimized out>, argv=<optimized out>) at encoder_example.c:1754(gdb) p audio_ch$1 = 0
