From 8e489a46965bbc3683cec7698ccaf71bb5855d2a Mon Sep 17 00:00:00 2001
From: Christophe Fergeau
Date: Sun, 1 Nov 2009 22:09:43 +0100
Subject: make sure 'length' is >=0 in afc_file_write

trying to write a negative amount of data doesn't make much sense, and bad
things will happen if we try to do that. Just treat negative length values
as an invalid argument. An alternative way of handling it would be to
silently return OK/0 bytes written.
---
 src/AFC.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/AFC.c b/src/AFC.c
index 54b3795..c97141c 100644
--- a/src/AFC.c
+++ b/src/AFC.c
@@ -819,7 +819,7 @@ afc_file_write(afc_client_t client, uint64_t handle,
 	char *out_buffer = NULL;
 	afc_error_t ret = AFC_E_SUCCESS;
 
-	if (!client || !client->afc_packet || !client->connection || !bytes || (handle == 0))
+	if (!client || !client->afc_packet || !client->connection || !bytes || (handle == 0) || (length < 0))
 		return AFC_E_INVALID_ARGUMENT;
 
 	afc_lock(client);
-- 
cgit v1.1-32-gdbae