⚠️ Potential issue | 🔴 Critical
Guard the section-default path when either coordinate is missing.
Lines 1130-1135 and Lines 1277-1282 only fall back to general_def_position when both coordinates are absent. If a section provides just one side, these branches still call strtof(NULL, NULL), which is undefined behavior and can crash the sender thread. The APRStt branch also skips valid ttlat/ttlon-only configs because it checks deflat/deflon instead of the resolved coordinate pair.
🛠️ Suggested fix
- if (!strcmp(ctg, "general") || (!deflat && !deflon)) {
+ if (!strcmp(ctg, "general") || !deflat || !deflon) {
this_def_position = general_def_position;
} else {const char *resolved_lat = ttlat ? ttlat : deflat;
const char *resolved_lon = ttlon ? ttlon : deflon;
if (!strcmp(ctg, "general") || !resolved_lat || !resolved_lon) {
this_def_position = general_def_position;
} else {
this_def_position.is_valid = 1;
lat_decimal_to_DMS(strtof(resolved_lat, NULL), this_def_position.latitude, sizeof(this_def_position.latitude));
lon_decimal_to_DMS(strtof(resolved_lon, NULL), this_def_position.longitude, sizeof(this_def_position.longitude));
...
}
Also applies to: 1277-1282
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@apps/app_gps.c` around lines 1130 - 1135, The branch currently falls back to
general_def_position only when both deflat and deflon are NULL, causing
strtof(NULL,...) if one coordinate is missing; update the logic to first compute
resolved_lat and resolved_lon (use ttlat if present else deflat, and ttlon if
present else deflon) and then check if either resolved_lat or resolved_lon is
NULL (or ctg == "general") to decide to use general_def_position; otherwise mark
this_def_position.is_valid and call lat_decimal_to_DMS and lon_decimal_to_DMS
with the resolved strings; apply the same fix to the APRStt-related block that
currently inspects deflat/deflon instead of the resolved pair.
Originally posted by @coderabbitai[bot] in #1014 (comment)
Guard the section-default path when either coordinate is missing.
Lines 1130-1135 and Lines 1277-1282 only fall back to
general_def_positionwhen both coordinates are absent. If a section provides just one side, these branches still callstrtof(NULL, NULL), which is undefined behavior and can crash the sender thread. The APRStt branch also skips validttlat/ttlon-only configs because it checksdeflat/defloninstead of the resolved coordinate pair.🛠️ Suggested fix
Also applies to: 1277-1282
🤖 Prompt for AI Agents
Originally posted by @coderabbitai[bot] in #1014 (comment)