JTEncode icon indicating copy to clipboard operation
JTEncode copied to clipboard
verified publisher icon etherkit

variable callsigin: length correct?

Open dl9sau opened this issue 4 years ago • 0 comments

I read through the code because I had an other problem and searched for all occurences of strcpy, strncpy, ..

I see the following problem with callsign, defined in JTEncode.h: char callsign[12];

We know, compound calls in wspr type2 messages are 12 bytes long: <DL9/DL9SAU>, plus the terminating \0.

JTEncode.cpp does: strncpy(callsign, call, 12); -> No buffer overflow, but the copied 12 bytes long string is not terminated. The operation further down, char* slash_avail = strchr(callsign, (int)'/'); may search for '/' beyond end of char[] callsign (if user had a wrong input). Same for char* bracket_avail = strchr(callsign, (int)'>');

Fix: I see no reason to keep char callsign 12 bytes long. -> Define in JTEncode.h char callsign[13]; should solve the hypothetical problem.

dl9sau avatar Oct 10 '21 22:10 dl9sau