From 4bad861322e754e6b8f0270d21920bb9d02e4495 Mon Sep 17 00:00:00 2001
From: Jeff Muizelaar
Date: Tue, 29 Mar 2011 22:48:33 -0400
Subject: Check the return value of fread to make sure the readed data is valid Bug 506207
---
 iccread.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/iccread.c b/iccread.c
index cfe3d13..88ef537 100644
--- iccread.c
+++ b/iccread.c
@@ -784,9 +784,11 @@ qcms_profile* qcms_profile_from_file(FILE *file)
 be32 length_be;
 void *data;
- fread(&length_be, sizeof(length), 1, file);
+ if (fread(&length_be, 1, sizeof(length_be), file) != sizeof(length_be))
+ return BAD_VALUE_PROFILE;
+
 length = be32_to_cpu(length_be);
- if (length > MAX_PROFILE_SIZE)
+ if (length > MAX_PROFILE_SIZE || length < sizeof(length_be))
 return BAD_VALUE_PROFILE;
 /* allocate room for the entire profile */
-- 
cgit v1.2.3
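Review bot: The new lower bound in `if (length > MAX_PROFILE_SIZE || length < sizeof(length_be))` only rejects sizes smaller than the 4-byte length field itself, so a file that declares a profile of 4 bytes is still accepted at this point even though an ICC profile header is 128 bytes. Whether the code that later parses the buffer rejects such undersized profiles is not visible in this hunk; if it does not, raising the minimum to the header size here would turn away truncated untrusted input before the allocation. The reason for the bound is also not obvious from the condition, so it deserves a comment such as `/* the size field counts itself, so no valid profile is shorter than sizeof(length_be) */`. qcms_profile_from_file starts before the hunk and continues after it.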