Change sprintf to snprintf #24
Conversation
There was a problem hiding this comment.
Read https://cbea.ms/git-commit/ carefully and refine your git commit messages. In addition, improve the subject of this pull request to express the motivations and considerations.
There was a problem hiding this comment.
Squash the commits. Do read https://cbea.ms/git-commit/ carefully and express the following:
- Motivations
- Considerations
- Strong reasons to make such changes
- Impacts
- References
There was a problem hiding this comment.
Use git rebase instead of git merge.
Check the documentation: https://git-scm.com/docs/git-rebase
In the calculator application, do you think it is susceptible to a buffer overrun? If so, provide a minimal reproducible example to demonstrate the need for the proposed change. |
|
Yes you are right, current char array is 20-byte long, after investigation I think it is suffcient to store |
|
However, there is one strange problem that once the calculator reach the limit of its length, next time I press a button of a number, the number in the calculator shows will randomly change to other number. |
Write down the steps to reproduce the issue, along with your analysis, and submit it in another GitHub issue. |
sprintfdoes not perform any bounds checking, which could potentially lead to occurence of buffer overflow and cause undefined behavior.snprintfrequire to specify the size of buffer so that it is able to prevent undefined behavior. Addingsizeof(v) + 1to include null terminator.Reference:
https://www.gnu.org/software/libc/manual/html_node/Formatted-Output-Functions.html