From fdda28cfe40701deb71632faa403cde86695d737 Mon Sep 17 00:00:00 2001 From: Jeremy Boynes Date: Sat, 9 Sep 2023 08:19:28 +0100 Subject: [PATCH] Remove deprecation diagnostic supppression for dtostrf --- api/deprecated-avr-comp/avr/dtostrf.c.impl | 3 --- test/src/dtostrf.cpp | 27 ++++++++++++++++++---- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/api/deprecated-avr-comp/avr/dtostrf.c.impl b/api/deprecated-avr-comp/avr/dtostrf.c.impl index f410886c..96987a8f 100644 --- a/api/deprecated-avr-comp/avr/dtostrf.c.impl +++ b/api/deprecated-avr-comp/avr/dtostrf.c.impl @@ -29,12 +29,9 @@ char *dtostrf (double val, signed char width, unsigned char prec, char *sout) { asm(".global _printf_float"); -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wdeprecated-declarations" char fmt[20]; sprintf(fmt, "%%%d.%df", width, prec); sprintf(sout, fmt, val); return sout; -#pragma GCC diagnostic pop } diff --git a/test/src/dtostrf.cpp b/test/src/dtostrf.cpp index 0700debb..afa90213 100644 --- a/test/src/dtostrf.cpp +++ b/test/src/dtostrf.cpp @@ -6,9 +6,8 @@ * INCLUDE **************************************************************************************/ -#include - -#include +#include +#include /************************************************************************************** * FUNCTION IMPLEMENTATION @@ -17,8 +16,28 @@ #ifdef __cplusplus extern "C" { #endif +/* + * A fundamental issue with dtostrf is the risk of buffer overflow as the size of the + * output buffer is not passed in. Previous implementation relied on sprintf which has + * the same issue and has now been deprecated, leading to compilation warnings that are + * considered fatal. Here, we use snprintf to avoid those warnings, with a limit + * set large enough for the longest buffer used by the String class. The risk + * of buffer overflow remains when a smaller buffer is passed in. + * + * TODO Refactor String not to rely on this function. + */ +char *dtostrf (double val, signed char width, unsigned char prec, char *sout) { + + // From String.h - DOUBLE_BUF_SIZE is the largest it could use + static size_t const FLT_MAX_DECIMAL_PLACES = 10; + static size_t const DBL_MAX_DECIMAL_PLACES = FLT_MAX_DECIMAL_PLACES; + static size_t const DOUBLE_BUF_SIZE = DBL_MAX_10_EXP + DBL_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */; -#include + char fmt[20]; + snprintf(fmt, sizeof(fmt), "%%%d.%df", width, prec); + snprintf(sout, DOUBLE_BUF_SIZE, fmt, val); + return sout; +} #ifdef __cplusplus } // extern "C" pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy