From a431ffcc27b364b7cc2b280ad33873e0157e7e99 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@altlinux.org>
Date: Thu, 18 May 2017 12:29:50 +0300
Subject: [PATCH] quotaops: check return code of fgets calls
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

fgets can return NULL anytime, do not ignore it.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
 quotaops.c | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/quotaops.c b/quotaops.c
index 5e6026e..6f245b7 100644
--- a/quotaops.c
+++ b/quotaops.c
@@ -330,8 +330,12 @@ int readprivs(struct dquot *qlist, int infd)
 	/*
 	 * Discard title lines, then read lines to process.
 	 */
-	fgets(line, sizeof(line), fd);
-	fgets(line, sizeof(line), fd);
+	if (!fgets(line, sizeof(line), fd) ||
+	    !fgets(line, sizeof(line), fd)) {
+		errstr(_("Bad format: two title lines assumed\n"));
+		fclose(fd);
+		return -1;
+	}
 
 	while (fgets(line, sizeof(line), fd)) {
 		cnt = sscanf(line, "%s %s %s %s %s %s %s",
@@ -481,9 +485,13 @@ int readindividualtimes(struct dquot *qlist, int infd)
 	/*
 	 * Discard title lines, then read lines to process.
 	 */
-	fgets(line, sizeof(line), fd);
-	fgets(line, sizeof(line), fd);
-	fgets(line, sizeof(line), fd);
+	if (!fgets(line, sizeof(line), fd) ||
+	    !fgets(line, sizeof(line), fd) ||
+	    !fgets(line, sizeof(line), fd)) {
+		errstr(_("Bad format: three title lines assumed\n"));
+		fclose(fd);
+		return -1;
+	}
 
 	time(&now);
 	while (fgets(line, sizeof(line), fd)) {
@@ -583,9 +591,13 @@ int readtimes(struct quota_handle **handles, int infd)
 	/*
 	 * Discard three title lines, then read lines to process.
 	 */
-	fgets(line, sizeof(line), fd);
-	fgets(line, sizeof(line), fd);
-	fgets(line, sizeof(line), fd);
+	if (!fgets(line, sizeof(line), fd) ||
+	    !fgets(line, sizeof(line), fd) ||
+	    !fgets(line, sizeof(line), fd)) {
+		errstr(_("Bad format: three title lines assumed\n"));
+		fclose(fd);
+		return -1;
+	}
 
 	while (fgets(line, sizeof(line), fd)) {
 		cnt = sscanf(line, "%s %d %s %d %s", fsp, &btime, bunits, &itime, iunits);
-- 
2.9.4