--- core_net.c	2006-10-17 13:09:56.000000000 +0200
+++ core_net.c.new	2008-06-20 14:59:42.000000000 +0200
@@ -845,11 +845,14 @@
             i = atoi(ptr[0]);
             free(ptr[0]);
 
+	    if(i < 0 || i > sizeof(buf) - 1)
+	        i = sizeof(buf) - 1;
 	    if (read(session->sd, buf, i) != i) {
                 strncpy(message, "Couldn't read UBX payload",
                         message_len - 1);
                 return -1;
             }
+	    buf[sizeof(buf) - 1] = 0;
 	    // parsing PSM, by gfhuang
 	    if(0 == i) buf[0] = 0;	//important, by gfhuang, when i=0, buf is untouched!