Why do you generate msgs if you are wanting to call CQ? Generate Msgs takes the DXCall value but there is probably no value there if you wish to call CQ.
Alan McDonald VK1AO

-----Original Message-----
From: Glenn Williams via wsjt-devel <wsjt-devel@lists.sourceforge.net>
Sent: Tuesday, May 9, 2023 2:38 PM
To: wsjt-devel@lists.sourceforge.net
Cc: Glenn Williams <a...@alumni.caltech.edu>
Subject: [wsjt-devel] FT8 TX6 mod entry and security hole

Hello,

Setup: FT8 V2.6.1, Windows 10, Kenwood TS590SG operated via USB cable.

Time/Date: Last night, thinking about changing TX6 to specifically call 3C3CA with a CQ.

So we know that "CQ DL AF8C EN81" WILL be transmitted if I modify TX6 and call CQ for Germany. However, attempting to use "CQ 3C AF8C EN81" created a couple of problems.

Problem #1: If I insert DL into TX6 and select "Generate Std Msgs" using DL and not 3C, even if the DL is in lower case, the DL gets converted to upper case. Fine. Also transmitting the CQ works fine. But if I instead insert 3C and click "Generate Std Msgs" the 3C is erased and TX6 looks normal. So that means I can't aim a CQ at entities with number-first prefixes? BOO! So tonight I did it all over again and in addition put in a "#" character instead of 3C, and got similar results.

Problem #2: Follow mostly the sequence in Problem 1 but instead of clicking "Generate Std Msgs" just click "Enable Tx". With DL that works also. But with 3C I transmit "<CQ_3C> AF8C EN81". Notice also the extra underscore and less-than sign and greater-than sign.
Transcript of Rx Frequency window follows:

030545 Tx 1281 ~ CQ DL AF8C EN81
030615 Tx 1281 ~ CQ SV AF8C EN81
030645 Tx 1281 ~ <CQ_3C> AF8C EN81
030715 8 0.1 1795 ~ <HK0/PY7XC> K7ACZ 73
030815 -18 0.1 1216 ~ CQ TI2GBB EJ89 Costa Rica
030900 Tx 1281 ~ TI2GBB AF8C EN81
030915 -13 0.1 1218 ~ WB4JTT TI2GBB RR73
030930 Tx 1281 ~ TI2GBB AF8C EN81
031000 Tx 1457 ~ TI2GBB AF8C EN81
031101 Tx 1648 ~ TI2GBB AF8C EN81
031130 Tx 1648 ~ TI2GBB AF8C EN81
031200 Tx 1648 ~ TI2GBB AF8C EN81
031230 Tx 1648 ~ TI2GBB AF8C EN81
031330 Tx 1613 ~ TI2GBB AF8C EN81
031400 Tx 1613 ~ TI2GBB AF8C EN81
031430 Tx 1613 ~ TI2GBB AF8C EN81
032000 Tx 1613 ~ <CQ_#> AF8C EN81
032100 Tx 1613 ~ <CQ_#AADFDF> AF8C EN81
032130 Tx 1613 ~ <CQ_#AADFDF12 AF8C EN81
032310 Tx 1613 ~ CQ

The missing greater-than symbol at 032130 is also a feature because I entered "CQ_#AADFDF12345676890 AF8C EN81" and clicked Enable Tx. The last one there happened because I modified TX6 to say something really ugly like

CQ #AADFDF1234567890afdkjhkdfhasdsadsff AF8C EN81

and then clicked Enable Tx. Evidently inserting a long string overflows a buffer which is then truncated when Enable Tx is clicked? OK. Time to quit operating and send this email!

Security hole question: Now what would happen if I was running WSJT-X remotely with some Remote Desktop App which had malware in it and the malware part decided to overflow the TX6 buffer with some kind of malware insertion trick? Full disclosure here, I do not code up malware. I don't know how. I have just read about it, where somewhere in the past I read that forcing buffer overflows is one trick used to compromise a computer.

Perhaps somewhere in your code you have a catch to limit buffer overflows? Perhaps you need more work to enable CQing ALL legal call signs and at the same time the team should audit the code for disallowing dirty tricks? Also add a special character rejection part.
---------------------
--73, Glenn, AF8C

_______________________________________________
wsjt-devel mailing list
wsjt-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wsjt-devel
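
Added example, not part of the thread and not WSJT-X code: one way an operator-edited message field can be checked so that over-length input is rejected rather than silently truncated and characters outside an allowlist are refused, run against the inputs quoted in the report. The 37-character limit, the allowed alphabet and all names (`tx_validate`, `TX_MSG_MAX`, `TX_ALLOWED`) are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit and alphabet for illustration; not taken from WSJT-X. */
#define TX_MSG_MAX 37
static const char TX_ALLOWED[] = " 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ+-./?<>";
enum tx_status { TX_OK = 0, TX_TOO_LONG, TX_BAD_CHAR, TX_EMPTY };

/*
 * Normalise and validate an edited message (hypothetical helper).
 * On TX_OK, out holds the trimmed, upper-cased, NUL-terminated text.
 * On any error, out is "" so a partial message can never be sent.
 */
enum tx_status tx_validate(const char *in, char *out, size_t outsz)
{
    if (out == NULL || outsz == 0) return TX_TOO_LONG;
    out[0] = '\0';
    if (in == NULL) return TX_EMPTY;

    /* Trim surrounding spaces before measuring the length. */
    while (*in == ' ') in++;
    size_t len = strlen(in);
    while (len > 0 && in[len - 1] == ' ') len--;
    if (len == 0) return TX_EMPTY;

    /* Refuse over-length input outright instead of truncating it. */
    if (len > TX_MSG_MAX || len + 1 > outsz) return TX_TOO_LONG;

    for (size_t i = 0; i < len; i++) {
        int c = toupper((unsigned char)in[i]);
        if (strchr(TX_ALLOWED, c) == NULL) {
            out[0] = '\0';            /* discard what was copied so far */
            return TX_BAD_CHAR;
        }
        out[i] = (char)c;
    }
    out[len] = '\0';
    return TX_OK;
}

int main(void)
{
    char buf[TX_MSG_MAX + 1];
    const char *samples[] = { "cq dl af8c en81", "CQ # AF8C EN81" }; /* from the report */
    for (size_t i = 0; i < 2; i++) {
        enum tx_status st = tx_validate(samples[i], buf, sizeof buf);
        printf("status=%d out=\"%s\"\n", (int)st, buf);
    }
    return 0;
}
```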