Date: Wed, 25 Nov 2009 04:30:05 GMT From: "C Thomson (IPS IT HO)" <c.thomson@ips.gov.au> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/140855: Port gpstk: reading dual frequency NovaTel data, buffer overflow Message-ID: <200911250430.nAP4U5Tp094223@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/140855; it has been noted by GNATS.
From: "C Thomson (IPS IT HO)" <c.thomson@ips.gov.au>
To: FreeBSD-gnats-submit@FreeBSD.org, freebsd@ips.gov.au
Cc:
Subject: Re: ports/140855: Port gpstk: reading dual frequency NovaTel data,
buffer overflow
Date: Wed, 25 Nov 2009 15:09:07 +1100
This is a multi-part message in MIME format.
--------------090905060903030208080807
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Patch files not listed in Fix:
Please find shar file attached
--------------090905060903030208080807
Content-Type: text/plain;
name="patch.shar"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="patch.shar"
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# patch-lib-rxio-NovatelData.cpp
# patch-lib-rxio-NovatelData.hpp
#
echo x - patch-lib-rxio-NovatelData.cpp
sed 's/^X//' >patch-lib-rxio-NovatelData.cpp << '9055c5ae95537ffce7017347c450ad8a'
X--- lib/rxio/NovatelData.cpp.FCS 2009-11-24 09:08:46.000000000 +1100
X+++ lib/rxio/NovatelData.cpp 2009-11-24 09:40:31.000000000 +1100
X@@ -304,7 +304,9 @@
X cout << "datasize:" << datasize << endl;
X
X // read the rest of the record
X- if(datasize-12 >= 1024) {
X+ // Note: OEM2 The Message byte count equals the total
X+ // length of the data block including the header.
X+ if(datasize >= sizeof(buffer)) {
X //FFStreamError fe("Read error - buffer overflow");
X //GPSTK_THROW(fe);
X failure = 1;
X@@ -440,7 +442,8 @@
X // ---------------------------------------
X // read the data message, but don't overwrite the header
X // first check against buffer overflow
X- if(datasize-28 >= 1024 || datasize-28 < 0) {
X+ // OEM4 total buffer usage = header+data
X+ if(datasize+28 >= sizeof(buffer)) {
X //FFStreamError fe("Read error - buffer overflow");
X //GPSTK_THROW(fe);
X failure = 1;
9055c5ae95537ffce7017347c450ad8a
echo x - patch-lib-rxio-NovatelData.hpp
sed 's/^X//' >patch-lib-rxio-NovatelData.hpp << 'd17e545dcdfa01d94986b0d4e73c9e06'
X--- lib/rxio/NovatelData.hpp.FCS 2009-11-24 09:08:58.000000000 +1100
X+++ lib/rxio/NovatelData.hpp 2009-11-24 09:09:34.000000000 +1100
X@@ -165,7 +165,7 @@
X
X private:
X /// private data members
X- unsigned char buffer[1024]; ///< buffer for raw data
X+ unsigned char buffer[2048]; ///< buffer for raw data
X
X /// Reference GPS week, for OEM2, where the nav records require a GPS week,
X /// but only the obs records have one, and then it is 10-bit.
d17e545dcdfa01d94986b0d4e73c9e06
exit
--------------090905060903030208080807--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200911250430.nAP4U5Tp094223>