From 8abf6f4f5beabb24dd98b59533791d58cff7fb59 Mon Sep 17 00:00:00 2001 From: hueso Date: Thu, 15 May 2025 11:59:21 -0300 Subject: [PATCH] Fixed buffer overflows in sunrise_sunset_face --- .../watch_faces/complication/sunrise_sunset_face.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/movement/watch_faces/complication/sunrise_sunset_face.c b/movement/watch_faces/complication/sunrise_sunset_face.c index 8747bd86..56e2aa8a 100644 --- a/movement/watch_faces/complication/sunrise_sunset_face.c +++ b/movement/watch_faces/complication/sunrise_sunset_face.c @@ -45,7 +45,7 @@ static void _sunrise_sunset_set_expiration(sunrise_sunset_state_t *state, watch_ } static void _sunrise_sunset_face_update(movement_settings_t *settings, sunrise_sunset_state_t *state) { - char buf[14]; + char buf[11]; double rise, set, minutes, seconds; bool show_next_match = false; movement_location_t movement_location; @@ -87,7 +87,7 @@ static void _sunrise_sunset_face_update(movement_settings_t *settings, sunrise_s watch_clear_colon(); watch_clear_indicator(WATCH_INDICATOR_PM); watch_clear_indicator(WATCH_INDICATOR_24H); - sprintf(buf, "%s%2d none ", (result == 1) ? "SE" : "rI", scratch_time.unit.day); + snprintf(buf, sizeof(buf), "%s%2d none ", (result == 1) ? "SE" : "rI", scratch_time.unit.day); watch_display_string(buf, 0); return; } @@ -120,7 +120,7 @@ static void _sunrise_sunset_face_update(movement_settings_t *settings, sunrise_s } else if (settings->bit.clock_24h_leading_zero && scratch_time.unit.hour < 10) { set_leading_zero = true; } - sprintf(buf, "rI%2d%2d%02d%s", scratch_time.unit.day, scratch_time.unit.hour, scratch_time.unit.minute,longLatPresets[state->longLatToUse].name); + snprintf(buf, sizeof(buf), "rI%2d%2d%02d%s", scratch_time.unit.day, scratch_time.unit.hour, scratch_time.unit.minute,longLatPresets[state->longLatToUse].name); watch_display_string(buf, 0); if (set_leading_zero) watch_display_string("0", 4); @@ -152,7 +152,7 @@ static void _sunrise_sunset_face_update(movement_settings_t *settings, sunrise_s } else if (settings->bit.clock_24h_leading_zero && scratch_time.unit.hour < 10) { set_leading_zero = true; } - sprintf(buf, "SE%2d%2d%02d%s", scratch_time.unit.day, scratch_time.unit.hour, scratch_time.unit.minute, longLatPresets[state->longLatToUse].name); + snprintf(buf, sizeof(buf), "SE%2d%2d%02d%s", scratch_time.unit.day, scratch_time.unit.hour, scratch_time.unit.minute, longLatPresets[state->longLatToUse].name); watch_display_string(buf, 0); if (set_leading_zero) watch_display_string("0", 4); @@ -212,16 +212,16 @@ static void _sunrise_sunset_face_update_location_register(sunrise_sunset_state_t } static void _sunrise_sunset_face_update_settings_display(movement_event_t event, sunrise_sunset_state_t *state) { - char buf[12]; + char buf[11]; switch (state->page) { case 0: return; case 1: - sprintf(buf, "LA %c %04d", state->working_latitude.sign ? '-' : '+', abs(_sunrise_sunset_face_latlon_from_struct(state->working_latitude))); + snprintf(buf, sizeof(buf), "LA %c %04d", state->working_latitude.sign ? '-' : '+', abs(_sunrise_sunset_face_latlon_from_struct(state->working_latitude))); break; case 2: - sprintf(buf, "LO %c%05d", state->working_longitude.sign ? '-' : '+', abs(_sunrise_sunset_face_latlon_from_struct(state->working_longitude))); + snprintf(buf, sizeof(buf), "LO %c%05d", state->working_longitude.sign ? '-' : '+', abs(_sunrise_sunset_face_latlon_from_struct(state->working_longitude))); break; } if (event.subsecond % 2) {