Comment 40 for bug 690323

In , Bastien Nocera (hadess-deactivatedaccount) wrote :

(In reply to comment #0)
<snip>
> There appear to be unchecked buffer overflows as well in
> gps_channel_garmin_input() via nmeabuf and nmea_gpgsv(), which could be used in
> an attack. (If the local user attaches gypsy to a pseudo-tty they might be able
> to trick the string handling.)

Note that this is only a problem in the 0.8 codebase; the latest master's parsing code is completely rewritten and doesn't use sprintf() anymore.