PX4 Sync / Q&A: June 19, 2024

PX4 Sync / Q&A: June 19, 2024


  • Announcements
  • Release Discussion
  • Q&A


Release Discussion

For now the following branch could be used till the tag is cut:


  • Question regarding pyulog or cpp ulog and how can it be used?
    The recommendation is if only log parsing wants to be used we can do pyulog, but in the use case of implementing it on an embedded system then definitely ulog cpp is the go-to solution.

Review needed

@Pedro-Roque will do a rebase and continue from there:

  • To improve documentation on CRSF and RC tree. The config needs to be not general for any board and no auto scanning!

  • Are multiple video URLs possible? How to toggle between video inputs?
    MAVLINK is preferred to be used.

  • How different is mag stuff between 1.14 and 1.15?
    Mostly untangling and cleanups and not a big change done. Although still indoor outdoor transition might be a point to work on more.

I am a graduate student, and my research area is drone vulnerability discovery. I recently discovered a vulnerability in PX4. However, since I am still a security beginner, and the ASAN report did not provide detailed information about the specific error, I am not sure where the problem is. However, PX4 itself does have a buffer overflow vulnerability. I also made a security report on Github (https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-55wq-2hgm-75m4), provided a reproduction method and POC, so I hope to find the location of the erroneous source code and the cause of it under the PX4 team, and fix it. Finally, I hope to assign a CVE ID

Hello @frogzhang

Thanks for mentioning this.

@rroche @dagar maybe able to guide you!