View Issue Details

IDProjectCategoryView StatusLast Update
0002921Ham Radio DeluxeBugpublic2018-11-11 00:34
ReporterK7ZCZ 
Assigned ToK7ZCZ 
PrioritynormalSeveritycrashReproducibilityhave not tried
Status closedResolutionfixed 
Product Version6.4.0.893 
Target VersionFixed in Version6.4.0.902 
Summary0002921: Logbook: bad parameters to AddLogfile() might cause a crash
DescriptionThe related bug contains a mindump which reveals this code:

    App().AddLogfile(_T(" Clublog ADIF record:"), strEntry);


This is completely bogus code; strEntry is user-provided data, and might contain a percent sign ... which will be interpreted as a printf() style formatter, and demand data from the stack. Of course, that data's not there, so a crash results.

The specific call site in the related bug is fixed, but we should review all call sites of this function to try to find other bugs.

AddDebug(), AddTiming(), and AddDebugTiming() are all vulnerable to the same issue and should similarly be inspected.
TagsNo tags attached.
ModuleLogbook
Sub-ModuleGeneral
Testing Not Tested

Relationships

related to 0002914 feedbackg3ucq 3 - Current Dev List Logbook crashing 

Activities

K7ZCZ

2018-10-18 21:17

manager   ~0006303

First cut at a fix with this checkin:
https://hrdsoftware.visualstudio.com/HRD/_versionControl/changeset/4378

K7ZCZ

2018-10-29 18:48

manager   ~0006356

Found about a dozen more, resolved with this checkin.
https://hrdsoftware.visualstudio.com/HRD/_versionControl/changeset/4398

I did a pretty exhaustive search, though there's no guarantee I found everything I'll resolve this and we can go digging if we find more crashes.

WA9PIE

2018-11-05 11:46

administrator   ~0006375

Accepted without testing, due to the nature of the change.

Issue History

Date Modified Username Field Change
2018-10-18 20:42 K7ZCZ New Issue
2018-10-18 20:43 K7ZCZ Relationship added related to 0002914
2018-10-18 21:17 K7ZCZ Note Added: 0006303
2018-10-29 18:48 K7ZCZ Note Added: 0006356
2018-10-29 18:48 K7ZCZ Assigned To => K7ZCZ
2018-10-29 18:48 K7ZCZ Status new => resolved
2018-10-29 18:48 K7ZCZ Resolution open => fixed
2018-11-04 07:49 K7ZCZ Fixed in Version => 6.4.0.900
2018-11-05 11:46 WA9PIE Status resolved => closed
2018-11-05 11:46 WA9PIE Testing Not Started => Not Tested
2018-11-05 11:46 WA9PIE Note Added: 0006375
2018-11-11 00:34 WA9PIE Fixed in Version 6.4.0.900 => 6.4.0.902
2018-11-11 00:34 WA9PIE Project 3 - Current Dev List => Ham Radio Deluxe