aliasrobotics / RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
https://aliasrobotics.com
GNU General Public License v3.0

RVD#3277: getopt, lemetry/frsky_telemetry.c:211, ... #3277

Closed rvd-bot closed 4 years ago

rvd-bot commented 4 years ago
id: 3277
title: 'RVD#3277: getopt, lemetry/frsky_telemetry.c:211, ...'
type: bug
description: "Truncate all input strings to a reasonable length \nbefore passing them\
  \ to this function @ /opt/px4_ws/Firmware/src/drivers/frsky_telemetry/frsky_telemetry.c211,\
  \ \n/opt/px4_ws/Firmware/src/drivers/aerofc_adc/aerofc_adc.cpp144, \n/opt/px4_ws/Firmware/src/drivers/bmi160/bmi160_main.cpp298,\
  \ \n/opt/px4_ws/Firmware/src/drivers/lis3mdl/lis3mdl.cpp1651, \n/opt/px4_ws/Firmware/src/drivers/pca8574/pca8574.cpp397,\
  \ \n/opt/px4_ws/Firmware/src/drivers/lps25h/lps25h.cpp1096, \n/opt/px4_ws/Firmware/src/drivers/oreoled/oreoled.cpp1618,\
  \ \n/opt/px4_ws/Firmware/src/drivers/mpu9250/main.cpp499, \n/opt/px4_ws/Firmware/src/drivers/irlock/irlock.cpp422,\
  \ \n/opt/px4_ws/Firmware/src/drivers/mpu6000/mpu6000.cpp2668, \n/opt/px4_ws/Firmware/src/drivers/pca9685/pca9685.cpp542,\
  \ \n/opt/px4_ws/Firmware/src/drivers/bmp280/bmp280.cpp985, \n/opt/px4_ws/Firmware/src/drivers/rgbled_pwm/rgbled_pwm.cpp302,\
  \ \n/opt/px4_ws/Firmware/src/drivers/lsm303d/lsm303d.cpp2153, \n/opt/px4_ws/Firmware/src/drivers/l3gd20/l3gd20.cpp1381,\
  \ \n/opt/px4_ws/Firmware/src/drivers/batt_smbus/batt_smbus.cpp1045, \n/opt/px4_ws/Firmware/src/drivers/hmc5883/hmc5883.cpp1813,\
  \ \n/opt/px4_ws/Firmware/src/drivers/bmm150/bmm150.cpp1144, \n/opt/px4_ws/Firmware/src/drivers/adis16448/adis16448.cpp2022,\
  \ \n/opt/px4_ws/Firmware/src/modules/systemlib/getopt_long.c407, \n"
cwe: None
cve: None
keywords:
- rats
- static analysis
- testing
- triage
- bug
- 'version: v1.7.0'
- 'robot component: PX4'
- components software
system: ''
vendor: null
severity:
  rvss-score: 0
  rvss-vector: ''
  severity-description: ''
  cvss-score: 0
  cvss-vector: ''
links:
- https://github.com/aliasrobotics/RVD/issues/3277
flaw:
  phase: testing
  specificity: subject-specific
  architectural-location: application-specific
  application: N/A
  subsystem: N/A
  package: N/A
  languages: None
  date-detected: 2020-06-29 (21:15)
  detected-by: Alias Robotics
  detected-by-method: testing static
  date-reported: 2020-06-29 (21:15)
  reported-by: Alias Robotics
  reported-by-relationship: automatic
  issue: https://github.com/aliasrobotics/RVD/issues/3277
  reproducibility: always
  trace: ''
  reproduction: See artifacts below (if available)
  reproduction-image: gitlab.com/aliasrobotics/offensive/alurity/pipelines/active/pipeline_px4/-/jobs/616402716/artifacts/download
exploitation:
  description: ''
  exploitation-image: ''
  exploitation-vector: ''
  exploitation-recipe: ''
mitigation:
  description: ''
  pull-request: ''
  date-mitigation: ''