GPSBabel / gpsbabel

GPSBabel: convert, manipulate, and transfer data from GPS programs or GPS receivers. Open Source and supported on MacOS, Windows, Linux, and more. Pointy clicky GUI or a command line version...
https://www.gpsbabel.org
GNU General Public License v2.0

garmin writes can use uninitialized data #1300

Closed tsteven4 closed 3 months ago

tsteven4 commented 3 months ago

One example occurs if route name contains a space within the first 19 characters. Many other occurrences of non-alphanumeric characters can cause the same problem.

This is due to a bug in copy_char_array in jeeps/gpsapp.cc. If isalnum detects a non-alphanumeric character then no character is copied and count is decremented. This can result in less than ocount characters being copied, leaving uninitialized data in the packet.

https://github.com/GPSBabel/gpsbabel/blob/92b4888a829775ad6f28a5efd0e56a357cf68490/jeeps/gpsapp.cc#L131-L150

This results in various errors being detected with valgrind including Conditional jump or move depends on uninitialised value(s), Use of uninitialised value of size 8, and Syscall param write(buf) points to uninitialised byte(s).

vg.log