From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 16 Aug 2022 10:30:56 +0000 (+0000)
Subject: Check return value of fread() when reading header
X-Git-Tag: 0.9.15~39
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=98b2876e532ca896032595fa9e39e4e73da68de2;p=location%2Flibloc.git

Check return value of fread() when reading header

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/database.c b/src/database.c
index dcb84a1..6d2753b 100644
--- a/src/database.c
+++ b/src/database.c
@@ -486,6 +486,8 @@ LOC_EXPORT struct loc_database* loc_database_unref(struct loc_database* db) {
 }
 
 LOC_EXPORT int loc_database_verify(struct loc_database* db, FILE* f) {
+	size_t bytes_read = 0;
+
 	// Cannot do this when no signature is available
 	if (!db->signature1 && !db->signature2) {
 		DEBUG(db->ctx, "No signature available to verify\n");
@@ -523,7 +525,12 @@ LOC_EXPORT int loc_database_verify(struct loc_database* db, FILE* f) {
 
 	// Read magic
 	struct loc_database_magic magic;
-	fread(&magic, 1, sizeof(magic), db->f);
+	bytes_read = fread(&magic, 1, sizeof(magic), db->f);
+	if (bytes_read < sizeof(magic)) {
+		ERROR(db->ctx, "Could not read header: %m\n");
+		r = 1;
+		goto CLEANUP;
+	}
 
 	hexdump(db->ctx, &magic, sizeof(magic));
 
@@ -538,7 +545,6 @@ LOC_EXPORT int loc_database_verify(struct loc_database* db, FILE* f) {
 
 	// Read the header
 	struct loc_database_header_v1 header_v1;
-	size_t bytes_read;
 
 	switch (db->version) {
 		case LOC_DATABASE_VERSION_1:
diff --git a/src/writer.c b/src/writer.c
index 7afba86..9ca87cb 100644
--- a/src/writer.c
+++ b/src/writer.c
@@ -537,6 +537,8 @@ static int loc_database_write_countries(struct loc_writer* writer,
 static int loc_writer_create_signature(struct loc_writer* writer,
 		struct loc_database_header_v1* header, FILE* f, EVP_PKEY* private_key,
 		char* signature, size_t* length) {
+	size_t bytes_read = 0;
+
 	DEBUG(writer->ctx, "Creating signature...\n");
 
 	// Read file from the beginning
@@ -554,7 +556,12 @@ static int loc_writer_create_signature(struct loc_writer* writer,
 
 	// Read magic
 	struct loc_database_magic magic;
-	fread(&magic, 1, sizeof(magic), f);
+	bytes_read = fread(&magic, 1, sizeof(magic), f);
+	if (bytes_read < sizeof(magic)) {
+		ERROR(writer->ctx, "Could not read header: %m\n");
+		r = 1;
+		goto END;
+	}
 
 	hexdump(writer->ctx, &magic, sizeof(magic));
 
@@ -580,7 +587,7 @@ static int loc_writer_create_signature(struct loc_writer* writer,
 	// Walk through the file in chunks of 64kB
 	char buffer[64 * 1024];
 	while (!feof(f)) {
-		size_t bytes_read = fread(buffer, 1, sizeof(buffer), f);
+		bytes_read = fread(buffer, 1, sizeof(buffer), f);
 
 		if (ferror(f)) {
 			ERROR(writer->ctx, "Error reading from file: %m\n");