From: DavidKorczynski Date: Mon, 12 Aug 2024 12:21:41 +0000 (+0100) Subject: ggml: fix div-by-zero (llama/9003) X-Git-Tag: upstream/0.0.1642~436 X-Git-Url: https://git.djapps.eu/?a=commitdiff_plain;h=59eb1abfebdecc37cb8e0d3c2a61553e7fab4a42;p=pkg%2Fggml%2Fsources%2Fggml ggml: fix div-by-zero (llama/9003) Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70724 In order to access the above bug you need to login using one of the emails in https://github.com/google/oss-fuzz/blob/master/projects/llamacpp/project.yaml#L3-L5 Signed-off-by: David Korczynski --- diff --git a/src/ggml.c b/src/ggml.c index 364abc38..790798ce 100644 --- a/src/ggml.c +++ b/src/ggml.c @@ -21700,7 +21700,7 @@ struct gguf_context * gguf_init_from_file(const char * fname, struct gguf_init_p (int64_t) info->ne[2] * (int64_t) info->ne[3]; - if (ne % ggml_blck_size(info->type) != 0) { + if (ggml_blck_size(info->type) == 0 || ne % ggml_blck_size(info->type) != 0) { fprintf(stderr, "%s: tensor '%s' of type %d (%s) number of elements (%" PRId64 ") is not a multiple of block size (%" PRId64 ")\n", __func__, info->name.data, (int) info->type, ggml_type_name(info->type), ne, ggml_blck_size(info->type)); fclose(file);
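Review bot: In the changed condition in gguf_init_from_file, a zero block size now falls into the branch whose message says the element count "is not a multiple of block size", which misdescribes the failure: in that case the problem is the tensor type, not ne. Consider giving it its own check ahead of the modulus, for example `if (ggml_blck_size(info->type) == 0)` with a message that names info->type as having a zero block size, and keeping the original `ne % ggml_blck_size(info->type) != 0` test for the multiple-of case. Reading the block size once into a local would also avoid calling ggml_blck_size(info->type) three times in this branch. Because this sits in the file-loading path, it is worth confirming that info->type is range-checked before this point; that is not visible in this hunk.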