From a4dcb0ecf632832258ebb523c6bc39b7b94f8775 Mon Sep 17 00:00:00 2001
From: Daniel Brahneborg <basic@chello.se>
Date: Sun, 3 Mar 2002 22:02:40 +0000
Subject: Add buffer overflow checks to handle truncated and corrupted sis
 files.

---
 sisinstall/sismain.cpp | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

(limited to 'sisinstall/sismain.cpp')

diff --git a/sisinstall/sismain.cpp b/sisinstall/sismain.cpp
index 8516b0f..5a5b640 100644
--- a/sisinstall/sismain.cpp
+++ b/sisinstall/sismain.cpp
@@ -67,12 +67,19 @@ void main(int argc, char* argv[])
 		}
 	createCRCTable();
 	SISFile sisFile;
-	sisFile.fillFrom(buf);
-	if (!dryrun)
+	SisRC rc = sisFile.fillFrom(buf, len);
+	if (rc == SIS_OK)
 		{
-		SISInstaller installer;
-		installer.setPsion(psion);
-		installer.run(&sisFile, buf);
+		if (!dryrun)
+			{
+			SISInstaller installer;
+			installer.setPsion(psion);
+			installer.run(&sisFile, buf, len);
+			}
+		}
+	else
+		{
+		printf("Could not parse the sis file.\n");
 		}
 	psion->disconnect();
 
-- 
cgit v1.2.3