There are a few defects here ... ranging from a design issue to a potential buffer-overrun that could cause your system to be comprised and the attacker to be able to execute arbitrary code on your machine.

Hint #1:  It is not only important to test return values, but also to make sure you understand how to get extended error information.

Hint #2: What is the potential range of values for a LONG?

Hint #3: Is the caller given enough information on error?

Hint #4:

Think you know the defects?  Post your comments!