From 3cabd331ee1b638b02334155f831a8715fea399a Mon Sep 17 00:00:00 2001 From: Vincent Sanders Date: Sun, 26 Apr 2015 00:32:42 +0100 Subject: Ensure result of ftell is checked for errors The ftell call in the html renderer handling of drag and drop was not checking its return value for errors which could have resulted in attempting to read -1 bytes. coverity 1251038 --- render/html.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'render/html.c') diff --git a/render/html.c b/render/html.c index 5fb2feabd..e8692a0a7 100644 --- a/render/html.c +++ b/render/html.c @@ -1934,6 +1934,12 @@ static bool html_drop_file_at_point(struct content *c, int x, int y, char *file) file_len = ftell(fp); fseek(fp, 0, SEEK_SET); + if ((long)file_len == -1) { + /* unable to get file length, but drop was for us */ + fclose(fp); + return true; + } + /* Allocate buffer for file data */ buffer = malloc(file_len + 1); if (buffer == NULL) { -- cgit v1.2.3