From cdd68527099bbf2724f742e9a5b1e39c650bb259 Mon Sep 17 00:00:00 2001
From: Steven Noonan <steven@uplinklabs.net>
Date: Mon, 5 Mar 2018 09:10:38 -0800
Subject: [PATCH] KdbxReader::readDatabase: abort if reading magic numbers
 fails

Building with -flto caught the fact that we were ignoring the return
value of readMagicNumbers(), which potentially left the value of 'sig2'
uninitialized.

Signed-off-by: Steven Noonan <steven@uplinklabs.net>
---
 src/format/KdbxReader.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/format/KdbxReader.cpp b/src/format/KdbxReader.cpp
index 36ff6d197..5393b743f 100644
--- a/src/format/KdbxReader.cpp
+++ b/src/format/KdbxReader.cpp
@@ -71,7 +71,9 @@ Database* KdbxReader::readDatabase(QIODevice* device, const CompositeKey& key, b
 
     // read KDBX magic numbers
     quint32 sig1, sig2;
-    readMagicNumbers(&headerStream, sig1, sig2, m_kdbxVersion);
+    if (!readMagicNumbers(&headerStream, sig1, sig2, m_kdbxVersion)) {
+        return nullptr;
+    }
     m_kdbxSignature = qMakePair(sig1, sig2);
 
     // mask out minor version