From 8a5d4a907b8a502405bc621a4322a2f7f6e8b8de Mon Sep 17 00:00:00 2001
From: Patrick Georgi <pgeorgi@google.com>
Date: Fri, 6 Sep 2019 19:56:33 +0200
Subject: futility/updater: verify that data copied from stdin is complete

Found by Coverity Scan #198910

BUG=none
BRANCH=none
TEST=none

Change-Id: I609a3a1fe4d38b5c417608ef8574df6286dfbfda
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1789709
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
---
 futility/updater.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/futility/updater.c b/futility/updater.c
index 4d523e29..9e54aa6c 100644
--- a/futility/updater.c
+++ b/futility/updater.c
@@ -1794,7 +1794,10 @@ static int save_from_stdin(const char *output)
 
 	while (!feof(in)) {
 		sz = fread(buffer, 1, sizeof(buffer), in);
-		fwrite(buffer, 1, sz, out);
+		if (fwrite(buffer, 1, sz, out) != sz) {
+			fclose(out);
+			return -1;
+		}
 	}
 	fclose(out);
 	return 0;
-- 
cgit v1.2.1