Commit 3c76ef2

Ensure that no buffer overflow can occur by limiting the number of post-comma digits
1 parent 952d776 commit 3c76ef2

1 file changed

+3
-0
lines changed

‎api/String.cpp

@@ -20,6 +20,7 @@
2020
*/
2121

2222
#include "String.h"
23+
#include "Common.h"
2324
#include "itoa.h"
2425
#include "deprecated-avr-comp/avr/dtostrf.h"
2526
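Review bot: The new `#include "Common.h"` on line 23 carries no hint of why it is needed, and the only new symbol the rest of this commit uses is `min`. A short trailing comment such as `/* min() */` would keep the include from being dropped later as unused. Neither `min` nor the `*_MAX_DECIMAL_PLACES` constants are defined in the visible lines, so please also confirm that `min` accepts the mixed argument types it is given here (`unsigned char` and the constant's type) without an unintended conversion.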

@@ -123,6 +124,7 @@ String::String(float value, unsigned char decimalPlaces)
123124
static size_t const FLOAT_BUF_SIZE = FLT_MAX_10_EXP + FLT_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */;
124125
init();
125126
char buf[FLOAT_BUF_SIZE];
127+
decimalPlaces = min(decimalPlaces, FLT_MAX_DECIMAL_PLACES);
126128
*this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf);
127129
}
128130
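Review bot: The clamp on new line 127 bounds only the fractional digits, while `FLOAT_BUF_SIZE` on line 124 reserves `FLT_MAX_10_EXP` characters for the integer part, and a value at the top of the float range has `FLT_MAX_10_EXP + 1` integer digits (10^N is an N+1 digit number). If `dtostrf` writes every integer digit, a negative value of that magnitude formatted with `FLT_MAX_DECIMAL_PLACES` decimals needs one byte more than `buf` holds, so the overflow this commit targets would still be reachable by one byte. Suggest adding 1 to the size constant for the leading digit, or stating in a comment how `dtostrf` bounds its output.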

@@ -131,6 +133,7 @@ String::String(double value, unsigned char decimalPlaces)
131133
static size_t const DOUBLE_BUF_SIZE = DBL_MAX_10_EXP + DBL_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */;
132134
init();
133135
char buf[DOUBLE_BUF_SIZE];
136+
decimalPlaces = min(decimalPlaces, DBL_MAX_DECIMAL_PLACES);
134137
*this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf);
135138
}
136139
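Review bot: The clamp on new line 136 silently lowers the precision the caller asked for, and nothing in this commit documents or tests that (only api/String.cpp is touched). Suggest stating the `DBL_MAX_DECIMAL_PLACES` and `FLT_MAX_DECIMAL_PLACES` limits where the constructors are declared, and adding a test that passes `decimalPlaces = 255` to both constructors and checks the resulting length. The integer-digit sizing of `DOUBLE_BUF_SIZE` on line 133 deserves the same check as the float case, since it uses the same `DBL_MAX_10_EXP + ...` formula.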
