A "division by zero" bug in coders/wmf.c allows remote attacker to cause a denial of service to imagemagick via "identify $FILE"
coders/wmf.c:2551:31: runtime error: division by zero
coders/wmf.c:2566:38: runtime error: division by zero
Verified with latest build 1_3_31
POC: https://github.com/rshariffdeen/poc/blob/master/0003-graphicsmagick-dividebyzero-identify
This problem is fixed by Mercurial changeset 15957:72b0bcf425b6. It seems like libwmf should have reported an error from wmf_scan() if the bounding box is zero.