[Gpsbabel-code] Invalid NMEA sentence causing Segmentation Fault
GPSBabel converts and transfers data like waypoints, tracks & routes.
From: Daniel M. <dmc...@gm...> - 2011-02-08 23:14:55
I have never submitted bug reports before, so please forgive me if I
omit anything. I am converting NMEA sentences to GPX for upload to
OpenStreetMap, and my tracking device seems to be messing up now and
then, such that I end up with sentences like the following:
$GPRMC,224803.69,A$GPGLL,3305.9296,N,11659.9404,W,224804.701,A*2A
(i.e. RMC is truncated and concatenated with GLL). Any file with this
line causes a segmentation fault.
Some investigation led to the following being the problem:
nmea.c, Lines 534-541, contained in the gprmc_parse() function
    /* Skip past nine commas in ibuf to reach the dmy value */
    for (dmybuf=ibuf,i=0; i<9 && dmybuf != NULL; i++) {
        dmybuf= strchr(dmybuf, ',');
        dmybuf++;
    }
    /* Now read dmy from the correct position */
    sscanf(dmybuf,"%u", &dmy);
I am not sure what the best approach is to fix it, but strchr returns
a NULL pointer (which is then incremented) and after the loop exits,
the incremented null pointer is passed to sscanf() causing a segfault.
It is also worth mentioning that checking dmybuf != NULL in the loop
is not doing anything, since dmybuf is incremented before the check.
Would it be best to check for a (not quite) null pointer after the
loop and return from the function so that the line is ignored, or is
there some method to report the error to the user?
As I said, this is my first bug report, but I would be happy to try to
write a patch, I am just not sure how best to do it.
Thank you,
Daniel McAllaster
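One way to harden the field-skipping loop so that a truncated sentence is rejected instead of dereferenced, as an added example that is not GPSBabel's own code: the helper names nmea_field(), gprmc_parse_dmy() and nmea_is_concatenated() are assumptions, and the sample sentences are constructed (the truncated one is the line quoted in the report).

```c
#include <stdio.h>
#include <string.h>

/* Return a pointer to 0-based field n of a comma-separated NMEA sentence,
 * or NULL when the sentence has fewer fields. The NULL test happens
 * before the increment, which is the order the original loop gets wrong. */
static const char *nmea_field(const char *sentence, int n)
{
    const char *p = sentence;
    for (int i = 0; i < n; i++) {
        p = strchr(p, ',');
        if (p == NULL) {
            return NULL;            /* truncated: fewer than n commas */
        }
        p++;                        /* safe: p is non-NULL here */
    }
    return p;
}

/* Read the ddmmyy date (field 9) of a $GPRMC sentence into *dmy exactly as
 * the original sscanf("%u") does, but fail cleanly (return 0) when the field
 * is missing or empty instead of passing an invalid pointer to sscanf(). */
int gprmc_parse_dmy(const char *ibuf, unsigned *dmy)
{
    const char *field = nmea_field(ibuf, 9);
    if (field == NULL) {
        return 0;
    }
    return sscanf(field, "%u", dmy) == 1;
}

/* A '$' anywhere after the first character means two sentences were fused,
 * as in the report; callers can log and skip such lines before parsing. */
int nmea_is_concatenated(const char *sentence)
{
    return sentence[0] != '\0' && strchr(sentence + 1, '$') != NULL;
}

/* Constructed sample input (not captured from a real device). */
static const char *const TRUNCATED_RMC =
    "$GPRMC,224803.69,A$GPGLL,3305.9296,N,11659.9404,W,224804.701,A*2A";
static const char *const GOOD_RMC =
    "$GPRMC,224803.69,A,3305.9296,N,11659.9404,W,0.0,0.0,080211,,,A*00";
static const char *const EMPTY_DATE_RMC =
    "$GPRMC,224803.69,V,,,,,,,,,,N*00";
```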