From f3cfa2f267051c5761edc642e64865449431126f Mon Sep 17 00:00:00 2001 From: Alexander Entinger Date: Wed, 9 Dec 2020 10:18:21 +0100 Subject: [PATCH 1/3] Calling String::String(float ...) with +/- FLT_MAX or String::String(double ...) with +/- DBL_MAX results in a stack smashing. --- test/src/String/test_String.cpp | 40 +++++++++++++++++++++++++++------ 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/test/src/String/test_String.cpp b/test/src/String/test_String.cpp index 1c94cb99..8ff44c0f 100644 --- a/test/src/String/test_String.cpp +++ b/test/src/String/test_String.cpp @@ -6,6 +6,8 @@ * INCLUDE **************************************************************************************/ +#include + #include #include 
@@ -80,16 +82,40 @@ TEST_CASE ("Testing String(unsigned long, unsigned char base = 10) constructor() TEST_CASE ("Testing String(float, unsigned char decimalPlaces = 2) constructor()", "[String-Ctor-10]") { - float const val = 1.234f; - arduino::String str(val); - REQUIRE(strcmp(str.c_str(), "1.23") == 0); + WHEN ("String::String (some float value)") + { + arduino::String str(1.234f); + REQUIRE(strcmp(str.c_str(), "1.23") == 0); + } + WHEN ("String::String (FLT_MAX)") + { + arduino::String str(FLT_MAX); + REQUIRE(strcmp(str.c_str(), "340282346638528859811704183484516925440.00") == 0); + } + WHEN ("String::String (-FLT_MAX)") + { + arduino::String str(-FLT_MAX); + REQUIRE(strcmp(str.c_str(), "-340282346638528859811704183484516925440.00") == 0); + } } TEST_CASE ("Testing String(double, unsigned char decimalPlaces = 2) constructor()", "[String-Ctor-11]") { - double const val = 5.678; - arduino::String str(val); - REQUIRE(strcmp(str.c_str(), "5.68") == 0); + WHEN ("String::String (some double value)") + { + arduino::String str(5.678); + REQUIRE(strcmp(str.c_str(), "5.68") == 0); + } + WHEN ("String::String (DBL_MAX)") + { + arduino::String str(DBL_MAX); + REQUIRE(strcmp(str.c_str(), "179769313486231570814527423731704356798070567525844996598917476803157260780028538760589558632766878171540458953514382464234321326889464182768467546703537516986049910576551282076245490090389328944075868508455133942304583236903222948165808559332123348274797826204144723168738177180919299881250404026184124858368.00") == 0); + } + WHEN ("String::String (-DBL_MAX)") + { + arduino::String str(-DBL_MAX); + REQUIRE(strcmp(str.c_str(), "-179769313486231570814527423731704356798070567525844996598917476803157260780028538760589558632766878171540458953514382464234321326889464182768467546703537516986049910576551282076245490090389328944075868508455133942304583236903222948165808559332123348274797826204144723168738177180919299881250404026184124858368.00") == 0); + } } TEST_CASE ("Testing String(const 
__FlashStringHelper) constructor() with invalid buffer", "[String-Ctor-12]") @@ -131,4 +157,4 @@ TEST_CASE ("Testing String(String &&) with move(String &rhs) from larger to smal arduino::String str1("Arduino"); str = static_cast(str1); REQUIRE(str1.compareTo("Arduino") == 0); -} \ No newline at end of file +} From 952d776d88550abd62f899646e14b5aa68f18dd5 Mon Sep 17 00:00:00 2001 From: Alexander Entinger Date: Wed, 9 Dec 2020 10:30:12 +0100 Subject: [PATCH 2/3] Increase buffer size in order to avoid buffer overflow when using large floating point numbers --- api/String.cpp | 19 +++++++++++++++---- api/String.h | 3 +++ 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/api/String.cpp b/api/String.cpp index b96b1005..fd8c87f2 100644 --- a/api/String.cpp +++ b/api/String.cpp @@ -23,11 +23,20 @@ #include "itoa.h" #include "deprecated-avr-comp/avr/dtostrf.h" +#include + +namespace arduino { + /*********************************************/ -/* Constructors */ +/* Static Member Initialisation */ /*********************************************/ -namespace arduino { +size_t const String::FLT_MAX_DECIMAL_PLACES; +size_t const String::DBL_MAX_DECIMAL_PLACES; + +/*********************************************/ +/* Constructors */ +/*********************************************/ String::String(const char *cstr) { 
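Review bot: The new WHEN cases in `[String-Ctor-10]` and `[String-Ctor-11]` only use the default `decimalPlaces` of 2, so the longest output these constructors can produce is never exercised. The conversion buffer is most stressed when the largest magnitude is combined with the sign and a large `decimalPlaces`, and none of the cases pass a second argument. I would add cases such as `arduino::String str(-FLT_MAX, 255);` and `arduino::String str(-DBL_MAX, 255);` and assert on the resulting length. Running the suite under a sanitizer build would report a one-byte overrun of the stack buffer instead of letting it pass silently.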
@@ -111,15 +120,17 @@ String::String(unsigned long value, unsigned char base) String::String(float value, unsigned char decimalPlaces) { + static size_t const FLOAT_BUF_SIZE = FLT_MAX_10_EXP + FLT_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */; init(); - char buf[33]; + char buf[FLOAT_BUF_SIZE]; *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf); } String::String(double value, unsigned char decimalPlaces) { + static size_t const DOUBLE_BUF_SIZE = DBL_MAX_10_EXP + DBL_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */; init(); - char buf[33]; + char buf[DOUBLE_BUF_SIZE]; *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf); } diff --git a/api/String.h b/api/String.h index 93d5b06b..d8f943eb 100644 --- a/api/String.h +++ b/api/String.h @@ -58,6 +58,9 @@ class String typedef void (String::*StringIfHelperType)() const; void StringIfHelper() const {} + static size_t const FLT_MAX_DECIMAL_PLACES = 10; + static size_t const DBL_MAX_DECIMAL_PLACES = FLT_MAX_DECIMAL_PLACES; + public: // constructors // creates a copy of the initial value. From 3c76ef240e483306d129d137696ea3e04e0dbec0 Mon Sep 17 00:00:00 2001 From: Alexander Entinger Date: Wed, 9 Dec 2020 10:36:50 +0100 Subject: [PATCH 3/3] Ensure that no buffer overflow can occur by limiting the number of post-comma digits --- api/String.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/api/String.cpp b/api/String.cpp index fd8c87f2..37812418 100644 --- a/api/String.cpp +++ b/api/String.cpp @@ -20,6 +20,7 @@ */ #include "String.h" +#include "Common.h" #include "itoa.h" #include "deprecated-avr-comp/avr/dtostrf.h" @@ -123,6 +124,7 @@ String::String(float value, unsigned char decimalPlaces) static size_t const FLOAT_BUF_SIZE = FLT_MAX_10_EXP + FLT_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */; init(); char buf[FLOAT_BUF_SIZE]; + decimalPlaces = min(decimalPlaces, FLT_MAX_DECIMAL_PLACES); *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf); } 
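Review bot: `FLOAT_BUF_SIZE` and `DOUBLE_BUF_SIZE` look one byte short for the worst case, because `FLT_MAX_10_EXP` is the largest decimal exponent, not the digit count. The integer part of FLT_MAX has `FLT_MAX_10_EXP + 1` digits (the test expectation added in this series shows 39 for IEEE-754 single precision). `-FLT_MAX` with 10 decimal places therefore needs 1 + 39 + 1 + 10 + 1 = 52 bytes against a 51-byte `buf`, and `dtostrf` is given no buffer length to stop at. Counting the leading digit fixes it: `FLT_MAX_10_EXP + 1 /* first digit */ + FLT_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */`, and likewise with `DBL_MAX_10_EXP` in the double constructor. The later `@@ -123,6 +124,7 @@` and `@@ -131,6 +133,7 @@` hunks carry the same size expressions as context.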
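Review bot: `FLT_MAX_DECIMAL_PLACES` and `DBL_MAX_DECIMAL_PLACES` are declared in String.h without a comment, although the stack buffer sizes in String.cpp are derived from them. A comment should record that coupling, for example `// Upper bound for decimalPlaces in the float/double constructors; the conversion buffers in String.cpp are sized from it.` Later in this series the value also becomes a silent cap on what callers get back. The constructor declarations (outside this hunk) should state that larger `decimalPlaces` values are clamped.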
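Review bot: The clamp `decimalPlaces = min(decimalPlaces, FLT_MAX_DECIMAL_PLACES);` mixes an `unsigned char` with a `size_t` and assigns the result back to an `unsigned char`. Its behaviour depends on whichever `min` Common.h provides, which is not visible here. A plain comparison states the bound without the mixed-type call or the extra include: `if (decimalPlaces > FLT_MAX_DECIMAL_PLACES) decimalPlaces = FLT_MAX_DECIMAL_PLACES;`. The same applies to the `DBL_MAX_DECIMAL_PLACES` line in the `@@ -131,6 +133,7 @@` hunk. The constructor body starts above the hunk, so only the added line is under review.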
@@ -131,6 +133,7 @@ String::String(double value, unsigned char decimalPlaces) static size_t const DOUBLE_BUF_SIZE = DBL_MAX_10_EXP + DBL_MAX_DECIMAL_PLACES + 1 /* '-' */ + 1 /* '.' */ + 1 /* '\0' */; init(); char buf[DOUBLE_BUF_SIZE]; + decimalPlaces = min(decimalPlaces, DBL_MAX_DECIMAL_PLACES); *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf); } pFad - Phonifier reborn
