From 3f765d387d239ccc44e278a2ffa600fb6a6587f9 Mon Sep 17 00:00:00 2001
From: Damir Salantic
Date: Tue, 23 Nov 2021 09:13:11 +0100
Subject: [PATCH] Issue #183 Potential Heap-based Buffer Overflow
---
 CMakeLists.txt | 3 +++
 HISTORY | 5 ++++-
 SECURITY.md | 2 +-
 asterix/version.py | 2 +-
 src/asterix/DataItemFormatExplicit.cpp | 1 +
 src/main/version.h | 4 ++--
 6 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5b36f1e6..bf00f012 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -27,6 +27,9 @@ set(EXECUTABLE_OUTPUT_PATH install)
 set(CMAKE_CXX_STANDARD 11)
+#set (CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -fno-omit-frame-pointer -fsanitize=address")
+#set (CMAKE_LINKER_FLAGS_DEBUG "${CMAKE_LINKER_FLAGS_DEBUG} -fno-omit-frame-pointer -fsanitize=address")
+
 include_directories(src/asterix)
 include_directories(src/engine)
 include_directories(src/main)
diff --git a/HISTORY b/HISTORY
index 2044e189..6d684d88 100644
--- a/HISTORY
+++ b/HISTORY
@@ -249,4 +249,7 @@ Issue #178 Explicit items with more elements then in definition should be put to
 2.8.1 (python_v0.7.1)
 Issue #180 Problem decoding repetitive data item I023/120 Service Statistics
 Issue #181 Add missing Single Antenna (SA) element in Data Item I021/008 for CAT021 v2.1
-Issue #182 convert timestamp to double, improves precision
\ No newline at end of file
+Issue #182 convert timestamp to double, improves precision
+
+2.8.2 (python_v0.7.2)
+Issue #183 Potential Heap-based Buffer Overflow
\ No newline at end of file
diff --git a/SECURITY.md b/SECURITY.md
index 5041b2f2..0607d540 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,4 +2,4 @@
 ## Reporting a Vulnerability
-Please report security issues to
+Please report security issues to damir dot salantic at gmail dot com
diff --git a/asterix/version.py b/asterix/version.py
index f0788a87..fb9b668f 100644
--- a/asterix/version.py
+++ b/asterix/version.py
@@ -1 +1 @@
-__version__ = '0.7.1'
+__version__ = '0.7.2'
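Review bot: In the CMakeLists.txt hunk, the second commented-out line sets `CMAKE_LINKER_FLAGS_DEBUG`, which is not a variable CMake reads. Uncommenting both lines would therefore compile with AddressSanitizer but not pass `-fsanitize=address` to the link step. The variables CMake honours are per target type, e.g. `#set (CMAKE_EXE_LINKER_FLAGS_DEBUG "${CMAKE_EXE_LINKER_FLAGS_DEBUG} -fsanitize=address")`, with `CMAKE_SHARED_LINKER_FLAGS_DEBUG` for shared libraries. Since this commit fixes a heap overflow, a sanitizer build guarded by an `option()` would be easier to keep working than commented-out lines.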
diff --git a/src/asterix/DataItemFormatExplicit.cpp b/src/asterix/DataItemFormatExplicit.cpp
index 0acf36dc..4a22f134 100644
--- a/src/asterix/DataItemFormatExplicit.cpp
+++ b/src/asterix/DataItemFormatExplicit.cpp
@@ -68,6 +68,7 @@ bool DataItemFormatExplicit::getText(std::string &strResult, std::string &strHea
 // full length must be multiple of body length
 if (bodyLength == 0 || nFullLength % bodyLength != 0) {
 Tracer::Error("Wrong data length in Explicit. Needed=%d and there is %d bytes.", bodyLength, nFullLength);
+ return false;
 }
 std::string tmpStr = "";
diff --git a/src/main/version.h b/src/main/version.h
index 0714eb04..67bcb7f0 100644
--- a/src/main/version.h
+++ b/src/main/version.h
@@ -26,7 +26,7 @@
 #ifndef VERSION_H
 #define VERSION_H
-#define _VERSION 2.8.1
-#define _VERSION_STR "2.8.1"
+#define _VERSION 2.8.2
+#define _VERSION_STR "2.8.2"
 #endif
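Review bot: The added `return false;` in `DataItemFormatExplicit::getText` covers only this one method, and the diffstat shows a single inserted line in DataItemFormatExplicit.cpp. Any sibling method in the file that repeats the `bodyLength == 0 || nFullLength % bodyLength != 0` test (not visible in this hunk) would still log the error and fall through to its parsing code, so each occurrence should be checked for the same early exit. The return also deserves a one-line comment tying it to the issue, e.g. `// malformed length: stop before the body is parsed (Issue #183)`. The commit adds no regression input, so a test that feeds an explicit item whose length is not a multiple of the body length and expects `false` would keep the check from regressing. The body of getText starts before and continues after this hunk, so the code that consumes `nFullLength` afterwards is not reviewable here.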