Date: Wed, 25 Nov 2009 04:30:03 GMT From: IPS Freebsd <freebsd@ips.gov.au> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/140855: Port gpstk: reading dual frequency NovaTel data, buffer overflow Message-ID: <200911250430.nAP4U3A5094183@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/140855; it has been noted by GNATS. From: IPS Freebsd <freebsd@ips.gov.au> To: bug-followup@FreeBSD.org, freebsd@ips.gov.au Cc: Subject: Re: ports/140855: Port gpstk: reading dual frequency NovaTel data, buffer overflow Date: Wed, 25 Nov 2009 15:03:40 +1100 This is a multi-part message in MIME format. --------------080303090700050208080907 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Patch files not listed in Fix: Please find shar file attached --------------080303090700050208080907 Content-Type: text/plain; name="patch.shar" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="patch.shar" # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # patch-lib-rxio-NovatelData.cpp # patch-lib-rxio-NovatelData.hpp # echo x - patch-lib-rxio-NovatelData.cpp sed 's/^X//' >patch-lib-rxio-NovatelData.cpp << '9055c5ae95537ffce7017347c450ad8a' X--- lib/rxio/NovatelData.cpp.FCS 2009-11-24 09:08:46.000000000 +1100 X+++ lib/rxio/NovatelData.cpp 2009-11-24 09:40:31.000000000 +1100 X@@ -304,7 +304,9 @@ X cout << "datasize:" << datasize << endl; X X // read the rest of the record X- if(datasize-12 >= 1024) { X+ // Note: OEM2 The Message byte count equals the total X+ // length of the data block including the header. X+ if(datasize >= sizeof(buffer)) { X //FFStreamError fe("Read error - buffer overflow"); X //GPSTK_THROW(fe); X failure = 1; X@@ -440,7 +442,8 @@ X // --------------------------------------- X // read the data message, but don't overwrite the header X // first check against buffer overflow X- if(datasize-28 >= 1024 || datasize-28 < 0) { X+ // OEM4 total buffer usage = header+data X+ if(datasize+28 >= sizeof(buffer)) { X //FFStreamError fe("Read error - buffer overflow"); X //GPSTK_THROW(fe); X failure = 1; 9055c5ae95537ffce7017347c450ad8a echo x - patch-lib-rxio-NovatelData.hpp sed 's/^X//' >patch-lib-rxio-NovatelData.hpp << 'd17e545dcdfa01d94986b0d4e73c9e06' X--- lib/rxio/NovatelData.hpp.FCS 2009-11-24 09:08:58.000000000 +1100 X+++ lib/rxio/NovatelData.hpp 2009-11-24 09:09:34.000000000 +1100 X@@ -165,7 +165,7 @@ X X private: X /// private data members X- unsigned char buffer[1024]; ///< buffer for raw data X+ unsigned char buffer[2048]; ///< buffer for raw data X X /// Reference GPS week, for OEM2, where the nav records require a GPS week, X /// but only the obs records have one, and then it is 10-bit. d17e545dcdfa01d94986b0d4e73c9e06 exit --------------080303090700050208080907--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200911250430.nAP4U3A5094183>