Check the return value of fread to make sure the readed data is valid

Bug 506207
author: Jeff Muizelaar <jmuizelaar@mozilla.com> 2011-03-29 22:48:33 -0400
committer: Jeff Muizelaar <jmuizelaar@mozilla.com> 2011-03-29 22:50:27 -0400
commit: 4bad861322e754e6b8f0270d21920bb9d02e4495 (patch)
tree: 86cf8269847e18cf7541af2a19ab34435d757023
parent: 02e88cecd09b2623fa6dd033daf272406e0962f9 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/iccread.c b/iccread.c
index cfe3d13..88ef537 100644
--- a/iccread.c
+++ b/iccread.c
@@ -784,9 +784,11 @@ qcms_profile* qcms_profile_from_file(FILE *file)
 	be32 length_be;
 	void *data;
 
-	fread(&length_be, sizeof(length), 1, file);
+	if (fread(&length_be, 1, sizeof(length_be), file) != sizeof(length_be))
+		return BAD_VALUE_PROFILE;
+
 	length = be32_to_cpu(length_be);
-	if (length > MAX_PROFILE_SIZE)
+	if (length > MAX_PROFILE_SIZE || length < sizeof(length_be))
 		return BAD_VALUE_PROFILE;
 
 	/* allocate room for the entire profile */
author	Jeff Muizelaar <jmuizelaar@mozilla.com>	2011-03-29 22:48:33 -0400
committer	Jeff Muizelaar <jmuizelaar@mozilla.com>	2011-03-29 22:50:27 -0400
commit	4bad861322e754e6b8f0270d21920bb9d02e4495 (patch)
tree	86cf8269847e18cf7541af2a19ab34435d757023
parent	02e88cecd09b2623fa6dd033daf272406e0962f9 (diff)