Closed invd closed 9 months ago
Why is the input value so large?
I found the mentioned edge cases during fuzzing with libFuzzer in combination with UBSan. As such, they don't represent output seen from interacting with actual GPS hardware modules.
To make lwgps robust against problematic behavior when encountering such input, I recommend handling or rejecting large values in the calculations more deliberately to avoid running into undefined behavior.
prv_parse_lat_long()
Code location: https://github.com/MaJerle/lwgps/blob/c094d2afcd86b71ed042d654cad26d4b3b18e26c/lwgps/src/lwgps/lwgps.c#L142
Hexdump of problematic input:
prv_parse_number()
Code location: https://github.com/MaJerle/lwgps/blob/c094d2afcd86b71ed042d654cad26d4b3b18e26c/lwgps/src/lwgps/lwgps.c#L90
Hexdump of problematic input:
libFuzzer harness in use
Derived from
example.c
and published under same license.