ports/140855: Port gpstk: reading dual frequency NovaTel data, buffer overflow

IPS Freebsd freebsd at ips.gov.au
Wed Nov 25 04:30:04 UTC 2009 

The following reply was made to PR ports/140855; it has been noted by GNATS.

From: IPS Freebsd <freebsd at ips.gov.au>
To: bug-followup at FreeBSD.org, freebsd at ips.gov.au
Cc:  
Subject: Re: ports/140855: Port gpstk: reading dual frequency NovaTel data,
 buffer overflow
Date: Wed, 25 Nov 2009 15:03:40 +1100

 This is a multi-part message in MIME format.
 --------------080303090700050208080907
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 7bit
 
 Patch files not listed in Fix:
 
 Please find shar file attached
 
 --------------080303090700050208080907
 Content-Type: text/plain;
  name="patch.shar"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="patch.shar"
 
 # This is a shell archive.  Save it in a file, remove anything before
 # this line, and then unpack it by entering "sh file".  Note, it may
 # create directories; files and directories will be owned by you and
 # have default permissions.
 #
 # This archive contains:
 #
 #	patch-lib-rxio-NovatelData.cpp
 #	patch-lib-rxio-NovatelData.hpp
 #
 echo x - patch-lib-rxio-NovatelData.cpp
 sed 's/^X//' >patch-lib-rxio-NovatelData.cpp << '9055c5ae95537ffce7017347c450ad8a'
 X--- lib/rxio/NovatelData.cpp.FCS	2009-11-24 09:08:46.000000000 +1100
 X+++ lib/rxio/NovatelData.cpp	2009-11-24 09:40:31.000000000 +1100
 X@@ -304,7 +304,9 @@
 X                      cout << "datasize:" << datasize << endl;
 X 
 X                      // read the rest of the record
 X-                  if(datasize-12 >= 1024) {
 X+		     // Note: OEM2 The Message byte count equals the total 
 X+		     // length of the data block including the header.
 X+                  if(datasize >= sizeof(buffer)) {
 X                      //FFStreamError fe("Read error - buffer overflow");
 X                      //GPSTK_THROW(fe);
 X                      failure = 1;
 X@@ -440,7 +442,8 @@
 X                      // ---------------------------------------
 X                      // read the data message, but don't overwrite the header
 X                      // first check against buffer overflow
 X-                  if(datasize-28 >= 1024 || datasize-28 < 0) {
 X+		     // OEM4 total buffer usage = header+data
 X+                  if(datasize+28 >= sizeof(buffer)) {
 X                      //FFStreamError fe("Read error - buffer overflow");
 X                      //GPSTK_THROW(fe);
 X                      failure = 1;
 9055c5ae95537ffce7017347c450ad8a
 echo x - patch-lib-rxio-NovatelData.hpp
 sed 's/^X//' >patch-lib-rxio-NovatelData.hpp << 'd17e545dcdfa01d94986b0d4e73c9e06'
 X--- lib/rxio/NovatelData.hpp.FCS	2009-11-24 09:08:58.000000000 +1100
 X+++ lib/rxio/NovatelData.hpp	2009-11-24 09:09:34.000000000 +1100
 X@@ -165,7 +165,7 @@
 X 
 X    private:
 X          /// private data members
 X-      unsigned char buffer[1024];   ///< buffer for raw data
 X+      unsigned char buffer[2048];   ///< buffer for raw data
 X 
 X          /// Reference GPS week, for OEM2, where the nav records require a GPS week,
 X          /// but only the obs records have one, and then it is 10-bit.
 d17e545dcdfa01d94986b0d4e73c9e06
 exit
 
 
 --------------080303090700050208080907--

More information about the freebsd-ports-bugs mailing list