- string = xmalloc (1 + (int)finfo.st_size);
- result = read (fd, string, finfo.st_size);
+ file_size = (size_t)finfo.st_size;
+ /* Check for overflow with large files. */
+ if (file_size != finfo.st_size || file_size + 1 < file_size)
+ {
+ (*errfunc) ("%s: file is too large", filename);
+ return ((flags & FEVAL_BUILTIN) ? EXECUTION_FAILURE : -1);
+ }
+ string = xmalloc (1 + file_size);
+ result = read (fd, string, file_size);