virFileReadLimFD: diagnose maxlen <= 0, rather than passing it on...

to saferead_lim, which interprets it as a size_t.
* src/util/util.c (virFileReadLimFD): Do not malfunction when
maxlen < -1.  Return -1,EINVAL in that case.  Handle maxlen==0
in the same manner.

diff --git a/src/util/util.c b/src/util/util.c
index 34c585d3d5cdb2e6a4726422ffbd35c567e3c49d..7a3a3c42330916465720e409ae3dc79de7bd2f53 100644 (file)
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -1030,10 +1030,17 @@ saferead_lim (int fd, size_t max_len, size_t *length)
 
 /* A wrapper around saferead_lim that maps a failure due to
    exceeding the maximum size limitation to EOVERFLOW.  */
-int virFileReadLimFD(int fd, int maxlen, char **buf)
+int
+virFileReadLimFD(int fd, int maxlen, char **buf)
 {
     size_t len;
-    char *s = saferead_lim (fd, maxlen+1, &len);
+    char *s;
+
+    if (maxlen <= 0) {
+        errno = EINVAL;
+        return -1;
+    }
+    s = saferead_lim (fd, maxlen+1, &len);
     if (s == NULL)
         return -1;
     if (len > maxlen || (int)len != len) {