Check the return value of fread to make sure the data read is valid
Bug 506207
diff --git a/iccread.c b/iccread.c
index cfe3d13..88ef537 100644
--- a/iccread.c
+++ b/iccread.c
@@ -784,9 +784,11 @@
be32 length_be;
void *data;
- fread(&length_be, sizeof(length), 1, file);
+ if (fread(&length_be, 1, sizeof(length_be), file) != sizeof(length_be))
+ return BAD_VALUE_PROFILE;
+
length = be32_to_cpu(length_be);
- if (length > MAX_PROFILE_SIZE)
+ if (length > MAX_PROFILE_SIZE || length < sizeof(length_be))
return BAD_VALUE_PROFILE;
/* allocate room for the entire profile */
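Review bot: The new lower bound `length < sizeof(length_be)` carries no comment saying why 4 is the minimum, even though it appears to be the check that stops a file-supplied size field from wrapping a later "length minus size field" computation; that computation is not visible here, so this is inferred. I would add `/* length counts the 4-byte size field itself; anything smaller is malformed */` above the test. The bound still admits profiles much shorter than the 128-byte ICC header, so whatever parses the buffer has to bounds-check every offset against `length` on its own. The function starts and ends outside the hunk, so the allocation result and the read of the remaining bytes cannot be checked from here.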