diff options
author | Chris Kuethe <chris.kuethe@gmail.com> | 2005-09-28 15:41:08 +0000 |
---|---|---|
committer | Chris Kuethe <chris.kuethe@gmail.com> | 2005-09-28 15:41:08 +0000 |
commit | a922b9b373a5fcd251a1e054056fcc45e0424a41 (patch) | |
tree | 93bf1e97fb8b5fa5e0679454ea6b59b66096265c /cgpxlogger.c | |
parent | 8d06ab86f1b4606886f721a1267a6752be47373b (diff) | |
download | gpsd-a922b9b373a5fcd251a1e054056fcc45e0424a41.tar.gz |
Bad hacker - no donut!
Unbounded scanf() is bad.
I know that latitude and longitude should never be more than 11 characters:
1-3 digits for degrees, 6 digits for fractions of a degree, a decimal point
and possibly a minus sign. Eleven characters. Thus, we read up to 12 bytes
(make room for the trailing NULL) into a 16 byte buffer (I like powers of 2).
Diffstat (limited to 'cgpxlogger.c')
-rw-r--r-- | cgpxlogger.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/cgpxlogger.c b/cgpxlogger.c index 6675f07f..d4361a15 100644 --- a/cgpxlogger.c +++ b/cgpxlogger.c @@ -196,7 +196,7 @@ void bye(int signum){ want_exit = signum; } void process(char *buf){ char *answers[NUM + 2], **ap; int i, j; - char c, junk1[32], junk2[32]; + char c, junk1[16], junk2[16]; if (strncmp("GPSD,", buf, 5) != 0) return; /* lines should start with "GPSD," */ @@ -228,9 +228,9 @@ void process(char *buf){ gps_ctx.status = j; break; case 'P': - bzero( &junk1, 32); - bzero( &junk2, 32); - sscanf(answers[i], "P=%s %s", (char *)&junk1, (char *)&junk2); + bzero( &junk1, 16); + bzero( &junk2, 16); + sscanf(answers[i], "P=%12s %12s", (char *)&junk1, (char *)&junk2); gps_ctx.latitude = atof((char *)&junk1); gps_ctx.longitude = atof((char *)&junk2); break; case 'A': |