From 81e05de4391c11fad7faf9bc164f92e128a49d25 Mon Sep 17 00:00:00 2001 From: Daniel Brahneborg Date: Thu, 28 Mar 2002 09:47:25 +0000 Subject: Some buffer overrun checks. Removed the --force flag. --- lib/siscomponentrecord.cpp | 3 +++ lib/siscomponentrecord.h | 5 +++++ lib/sisfile.cpp | 6 +++++- lib/sisfilerecord.cpp | 22 +++++++++++++++++----- lib/sisfilerecord.h | 15 ++++++++++++--- lib/sistypes.h | 1 + 6 files changed, 43 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/siscomponentrecord.cpp b/lib/siscomponentrecord.cpp index 83781d1..3507bce 100644 --- a/lib/siscomponentrecord.cpp +++ b/lib/siscomponentrecord.cpp @@ -29,6 +29,8 @@ SISComponentNameRecord::~SISComponentNameRecord() { + for (int i = 0; i < m_nameCount; ++i) + delete[] m_names[i]; delete[] m_names; } @@ -62,6 +64,7 @@ SISComponentNameRecord::fillFrom(uint8_t* buf, int base, off_t len, // Then read ptrs. // m_names = new uint8_t*[n]; + m_nameCount = n; for (int i = 0; i < n; ++i) { m_namePtrs[i] = read32(p + size); diff --git a/lib/siscomponentrecord.h b/lib/siscomponentrecord.h index 5fbf945..f2bc734 100644 --- a/lib/siscomponentrecord.h +++ b/lib/siscomponentrecord.h @@ -70,6 +70,11 @@ private: */ uint8_t** m_names; + /** + * The number of names, so we know how much to delete. + */ + int m_nameCount; + }; #endif diff --git a/lib/sisfile.cpp b/lib/sisfile.cpp index 62a2ce1..df60695 100644 --- a/lib/sisfile.cpp +++ b/lib/sisfile.cpp @@ -110,6 +110,7 @@ SISFile::fillFrom(uint8_t* buf, off_t len) n = m_header.m_nfiles; m_fileRecords = new SISFileRecord[n]; ix = m_header.m_filesPtr; + SisRC myrc = SIS_OK; for (int i = 0; i < n; ++i) { if (ix >= len) @@ -118,7 +119,10 @@ SISFile::fillFrom(uint8_t* buf, off_t len) if (rc != SIS_OK) { printf(_("Problem reading file record %d, rc = %d.\n"), i, rc); - return rc; + if (rc == SIS_TRUNCATEDDATA) + myrc = rc; + else + return rc; } } diff --git a/lib/sisfilerecord.cpp b/lib/sisfilerecord.cpp index 95e75ed..a483b80 100644 --- a/lib/sisfilerecord.cpp +++ b/lib/sisfilerecord.cpp @@ -32,7 +32,9 @@ SISFileRecord::fillFrom(uint8_t* buf, int* base, off_t len, SISFile* sisFile) if (*base + 28 + 4 * 2 > len) return SIS_TRUNCATED; + SisRC rc = SIS_OK; m_buf = buf; + m_len = len; uint8_t* p = buf + *base; int size = 0; m_flags = read32(p); @@ -89,16 +91,16 @@ SISFileRecord::fillFrom(uint8_t* buf, int* base, off_t len, SISFile* sisFile) for (int i = 0; i < n; ++i) { m_fileLengths[i] = read32(p + size); - if (m_fileLengths[i] > len) - return SIS_TRUNCATED; +// if (m_fileLengths[i] > len) +// rc = SIS_TRUNCATEDDATA; size += 4; } for (int i = 0; i < n; ++i) { m_filePtrs[i] = read32(p + size); int fileLen = m_fileLengths[i]; - if (m_filePtrs[i] + fileLen > len) - return SIS_TRUNCATED; +// if (m_filePtrs[i] + fileLen > len) +// rc = SIS_TRUNCATEDDATA; size += 4; if (logLevel >= 2) printf(_("File %d (for %s) is %d bytes long (at %d)\n"), @@ -122,7 +124,17 @@ SISFileRecord::fillFrom(uint8_t* buf, int* base, off_t len, SISFile* sisFile) printf(_("Unknown file flags %d\n"), m_flags); } *base += size; - return SIS_OK; + return rc; +} + +uint8_t* +SISFileRecord::getFilePtr(int fileNo) +{ + if (fileNo < 0) + return 0; + if (m_filePtrs[fileNo] >= m_len) + return 0; + return &m_buf[m_filePtrs[fileNo]]; } void diff --git a/lib/sisfilerecord.h b/lib/sisfilerecord.h index d0ccced..96a5f2a 100644 --- a/lib/sisfilerecord.h +++ b/lib/sisfilerecord.h @@ -50,9 +50,15 @@ public: uint8_t* getDestPtr() { - return &m_buf[m_destPtr]; + return m_destPtr < m_len ? &m_buf[m_destPtr] : 0; } + /** + * Return a pointer to the file data for the file for the specified + * language. + */ + uint8_t* getFilePtr(int fileNo); + void setMainDrive(char drive); /** @@ -90,18 +96,21 @@ public: uint32_t m_sourceLength; uint32_t m_sourcePtr; uint32_t m_destLength; - uint32_t m_destPtr; uint32_t* m_fileLengths; - uint32_t* m_filePtrs; private: + uint32_t m_destPtr; + uint32_t* m_filePtrs; + /** * The buffer we belong to. * Used for updating the destination file name. */ uint8_t* m_buf; + int m_len; + }; #endif diff --git a/lib/sistypes.h b/lib/sistypes.h index a5d008f..131c4dc 100644 --- a/lib/sistypes.h +++ b/lib/sistypes.h @@ -31,6 +31,7 @@ enum SisRC { SIS_OK = 0, SIS_TRUNCATED, + SIS_TRUNCATEDDATA, SIS_CORRUPTED, SIS_FAILED, SIS_ABORTED, -- cgit v1.2.3