From f7cf9a691f53ac9df8e2ad01cb86567b50df2b77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Xose=20P=C3=A9rez?= <xose.perez@gmail.com>
Date: Fri, 25 Aug 2017 12:50:35 +0200
Subject: [PATCH] Replaced sprintf with safer snprintf

---
 code/espurna/analog.ino   |  4 ++--
 code/espurna/button.ino   |  2 +-
 code/espurna/dht.ino      |  6 +++---
 code/espurna/domoticz.ino |  4 ++--
 code/espurna/ds18b20.ino  |  4 ++--
 code/espurna/emon.ino     |  6 +++---
 code/espurna/espurna.ino  |  8 ++++----
 code/espurna/influxdb.ino |  4 ++--
 code/espurna/led.ino      |  2 +-
 code/espurna/light.ino    | 12 ++++++------
 code/espurna/mqtt.ino     |  2 +-
 code/espurna/ntp.ino      |  2 +-
 code/espurna/relay.ino    | 12 ++++++------
 code/espurna/rfbridge.ino | 12 ++++++------
 code/espurna/web.ino      |  8 ++++----
 15 files changed, 44 insertions(+), 44 deletions(-)

diff --git a/code/espurna/analog.ino b/code/espurna/analog.ino
index bd865cef..91cef6d0 100644
--- a/code/espurna/analog.ino
+++ b/code/espurna/analog.ino
@@ -19,7 +19,7 @@ unsigned int getAnalog() {
 void analogSetup() {
 
     pinMode(ANALOG_PIN, INPUT);
-    
+
     #if WEB_SUPPORT
         apiRegister(ANALOG_TOPIC, ANALOG_TOPIC, [](char * buffer, size_t len) {
             snprintf_P(buffer, len, PSTR("%d"), getAnalog());
@@ -55,7 +55,7 @@ void analogLoop() {
         // Update websocket clients
         #if WEB_SUPPORT
             char buffer[100];
-            sprintf_P(buffer, PSTR("{\"analogVisible\": 1, \"analogValue\": %d}"), analog);
+            snprintf_P(buffer, strlen(buffer), PSTR("{\"analogVisible\": 1, \"analogValue\": %d}"), analog);
             wsSend(buffer);
         #endif
 
diff --git a/code/espurna/button.ino b/code/espurna/button.ino
index 36eefada..4167c1b1 100644
--- a/code/espurna/button.ino
+++ b/code/espurna/button.ino
@@ -25,7 +25,7 @@ std::vector<button_t> _buttons;
 void buttonMQTT(unsigned char id, uint8_t event) {
     if (id >= _buttons.size()) return;
     char payload[2];
-    sprintf_P(payload, PSTR("%d"), event);
+    snprintf_P(payload, strlen(payload), PSTR("%d"), event);
     mqttSend(MQTT_TOPIC_BUTTON, id, payload);
 }
 #endif
diff --git a/code/espurna/dht.ino b/code/espurna/dht.ino
index 4da1aa5f..d1198f91 100644
--- a/code/espurna/dht.ino
+++ b/code/espurna/dht.ino
@@ -40,7 +40,7 @@ void dhtSetup() {
             snprintf_P(buffer, len, PSTR("%d"), _dhtHumidity);
         });
     #endif
-    
+
 }
 
 void dhtLoop() {
@@ -93,7 +93,7 @@ void dhtLoop() {
                     status = HUMIDITY_DRY;
                 }
                 char buffer[2];
-                sprintf_P(buffer, PSTR("%d"), status);
+                snprintf_P(buffer, strlen(buffer), PSTR("%d"), status);
                 domoticzSend("dczHumIdx", humidity, buffer);
             }
             #endif
@@ -106,7 +106,7 @@ void dhtLoop() {
             // Update websocket clients
             #if WEB_SUPPORT
                 char buffer[100];
-                sprintf_P(buffer, PSTR("{\"dhtVisible\": 1, \"dhtTmp\": %s, \"dhtHum\": %s, \"tmpUnits\": %d}"), temperature, humidity, tmpUnits);
+                snprintf_P(buffer, strlen(buffer), PSTR("{\"dhtVisible\": 1, \"dhtTmp\": %s, \"dhtHum\": %s, \"tmpUnits\": %d}"), temperature, humidity, tmpUnits);
                 wsSend(buffer);
             #endif
 
diff --git a/code/espurna/domoticz.ino b/code/espurna/domoticz.ino
index f543ee94..72d8dc12 100644
--- a/code/espurna/domoticz.ino
+++ b/code/espurna/domoticz.ino
@@ -84,13 +84,13 @@ template<typename T> void domoticzSend(const char * key, T nvalue) {
 void domoticzSendRelay(unsigned int relayID) {
     if (!_dczEnabled) return;
     char buffer[15];
-    sprintf_P(buffer, PSTR("dczRelayIdx%d"), relayID);
+    snprintf_P(buffer, strlen(buffer), PSTR("dczRelayIdx%d"), relayID);
     domoticzSend(buffer, relayStatus(relayID) ? "1" : "0");
 }
 
 int domoticzIdx(unsigned int relayID) {
     char buffer[15];
-    sprintf_P(buffer, PSTR("dczRelayIdx%d"), relayID);
+    snprintf_P(buffer, strlen(buffer), PSTR("dczRelayIdx%d"), relayID);
     return getSetting(buffer).toInt();
 }
 
diff --git a/code/espurna/ds18b20.ino b/code/espurna/ds18b20.ino
index 45412e2f..9bbb8d76 100644
--- a/code/espurna/ds18b20.ino
+++ b/code/espurna/ds18b20.ino
@@ -43,7 +43,7 @@ void dsSetup() {
             dtostrf(_dsTemperature, len-1, 1, buffer);
         });
     #endif
-    
+
 }
 
 void dsLoop() {
@@ -110,7 +110,7 @@ void dsLoop() {
             // Update websocket clients
             #if WEB_SUPPORT
                 char buffer[100];
-                sprintf_P(buffer, PSTR("{\"dsVisible\": 1, \"dsTmp\": %s, \"tmpUnits\": %d}"), getDSTemperatureStr(), tmpUnits);
+                snprintf_P(buffer, strlen(buffer), PSTR("{\"dsVisible\": 1, \"dsTmp\": %s, \"tmpUnits\": %d}"), getDSTemperatureStr(), tmpUnits);
                 wsSend(buffer);
             #endif
 
diff --git a/code/espurna/emon.ino b/code/espurna/emon.ino
index 3aa1793c..065cab50 100644
--- a/code/espurna/emon.ino
+++ b/code/espurna/emon.ino
@@ -168,9 +168,9 @@ void powerMonitorLoop() {
 
             // Update websocket clients
             #if WEB_SUPPORT
-                char text[100];
-                sprintf_P(text, PSTR("{\"emonVisible\": 1, \"emonApparentPower\": %d, \"emonCurrent\": %s}"), int(current * voltage), String(current, 3).c_str());
-                wsSend(text);
+                char buffer[100];
+                snprintf_P(buffer, strlen(buffer), PSTR("{\"emonVisible\": 1, \"emonApparentPower\": %d, \"emonCurrent\": %s}"), int(current * voltage), String(current, 3).c_str());
+                wsSend(buffer);
             #endif
 
         }
diff --git a/code/espurna/espurna.ino b/code/espurna/espurna.ino
index 746f39f2..51b13f07 100644
--- a/code/espurna/espurna.ino
+++ b/code/espurna/espurna.ino
@@ -27,9 +27,9 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 // -----------------------------------------------------------------------------
 
 String getIdentifier() {
-    char identifier[20];
-    sprintf_P(identifier, PSTR("%s_%06X"), DEVICE, ESP.getChipId());
-    return String(identifier);
+    char buffer[20];
+    snprintf_P(buffer, strlen(buffer), PSTR("%s_%06X"), DEVICE, ESP.getChipId());
+    return String(buffer);
 }
 
 void heartbeat() {
@@ -229,7 +229,7 @@ void setup() {
     #if WEB_SUPPORT
         webSetup();
     #endif
-    
+
     #if LIGHT_PROVIDER != LIGHT_PROVIDER_NONE
         lightSetup();
     #endif
diff --git a/code/espurna/influxdb.ino b/code/espurna/influxdb.ino
index 9f6712b3..087652a0 100644
--- a/code/espurna/influxdb.ino
+++ b/code/espurna/influxdb.ino
@@ -28,11 +28,11 @@ template<typename T> bool influxDBSend(const char * topic, T payload) {
     }
 
     char data[128];
-    sprintf(data, "%s,device=%s value=%s", topic, getSetting("hostname").c_str(), String(payload).c_str());
+    snprintf(data, strlen(data), "%s,device=%s value=%s", topic, getSetting("hostname").c_str(), String(payload).c_str());
     DEBUG_MSG("[INFLUXDB] Data: %s\n", data);
 
     char request[256];
-    sprintf(request, "POST /write?db=%s&u=%s&p=%s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\n\r\n%s",
+    snprintf(request, strlen(request), "POST /write?db=%s&u=%s&p=%s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\n\r\n%s",
         getSetting("idbDatabase").c_str(), getSetting("idbUsername").c_str(), getSetting("idbPassword").c_str(),
         getSetting("idbHost").c_str(), getSetting("idbPort", INFLUXDB_PORT).toInt(),
         strlen(data), data);
diff --git a/code/espurna/led.ino b/code/espurna/led.ino
index 392049a9..580454a9 100644
--- a/code/espurna/led.ino
+++ b/code/espurna/led.ino
@@ -64,7 +64,7 @@ void ledMQTTCallback(unsigned int type, const char * topic, const char * payload
 
     if (type == MQTT_CONNECT_EVENT) {
         char buffer[strlen(MQTT_TOPIC_LED) + 3];
-        sprintf_P(buffer, PSTR("%s/+"), MQTT_TOPIC_LED);
+        snprintf_P(buffer, strlen(buffer), PSTR("%s/+"), MQTT_TOPIC_LED);
         mqttSubscribe(buffer);
     }
 
diff --git a/code/espurna/light.ino b/code/espurna/light.ino
index c143e1f0..f93d0399 100644
--- a/code/espurna/light.ino
+++ b/code/espurna/light.ino
@@ -293,7 +293,7 @@ void _lightMQTTCallback(unsigned int type, const char * topic, const char * payl
         }
 
         char buffer[strlen(MQTT_TOPIC_CHANNEL) + 3];
-        sprintf_P(buffer, PSTR("%s/+"), MQTT_TOPIC_CHANNEL);
+        snprintf_P(buffer, strlen(buffer), PSTR("%s/+"), MQTT_TOPIC_CHANNEL);
         mqttSubscribe(buffer);
 
     }
@@ -370,14 +370,14 @@ void lightMQTT() {
         mqttSend(MQTT_TOPIC_COLOR, buffer);
 
         // Brightness
-        sprintf_P(buffer, PSTR("%d"), _brightness);
+        snprintf_P(buffer, strlen(buffer), PSTR("%d"), _brightness);
         mqttSend(MQTT_TOPIC_BRIGHTNESS, buffer);
 
     }
 
     // Channels
     for (unsigned int i=0; i < _channels.size(); i++) {
-        sprintf_P(buffer, PSTR("%d"), _channels[i].value);
+        snprintf_P(buffer, strlen(buffer), PSTR("%d"), _channels[i].value);
         mqttSend(MQTT_TOPIC_CHANNEL, i, buffer);
     }
 
@@ -509,10 +509,10 @@ void _lightAPISetup() {
         for (unsigned int id=0; id<lightChannels(); id++) {
 
             char url[15];
-            sprintf_P(url, PSTR("%s/%d"), MQTT_TOPIC_CHANNEL, id);
+            snprintf_P(url, strlen(url), PSTR("%s/%d"), MQTT_TOPIC_CHANNEL, id);
 
             char key[10];
-            sprintf_P(key, PSTR("%s%d"), MQTT_TOPIC_CHANNEL, id);
+            snprintf_P(key, strlen(key), PSTR("%s%d"), MQTT_TOPIC_CHANNEL, id);
 
             apiRegister(url, key,
                 [id](char * buffer, size_t len) {
@@ -527,7 +527,7 @@ void _lightAPISetup() {
         }
 
     #endif // WEB_SUPPORT
-    
+
 }
 
 void lightSetup() {
diff --git a/code/espurna/mqtt.ino b/code/espurna/mqtt.ino
index a4f94d0a..bb3a7750 100644
--- a/code/espurna/mqtt.ino
+++ b/code/espurna/mqtt.ino
@@ -129,7 +129,7 @@ void mqttSend(const char * topic, const char * message) {
 
 void mqttSend(const char * topic, unsigned int index, const char * message, bool force) {
     char buffer[strlen(topic)+5];
-    sprintf_P(buffer, PSTR("%s/%d"), topic, index);
+    snprintf_P(buffer, strlen(buffer), PSTR("%s/%d"), topic, index);
     mqttSend(buffer, message, force);
 }
 
diff --git a/code/espurna/ntp.ino b/code/espurna/ntp.ino
index f260f542..09e515fc 100644
--- a/code/espurna/ntp.ino
+++ b/code/espurna/ntp.ino
@@ -39,7 +39,7 @@ String ntpDateTime() {
     int month = value.substring(12, 14).toInt();
     int year = value.substring(15, 19).toInt();
     char buffer[20];
-    sprintf_P(buffer, PSTR("%04d/%02d/%02dT%02d:%02d:%02d"), year, month, day, hour, minute, second);
+    snprintf_P(buffer, strlen(buffer), PSTR("%04d/%02d/%02dT%02d:%02d:%02d"), year, month, day, hour, minute, second);
     return String(buffer);
 }
 
diff --git a/code/espurna/relay.ino b/code/espurna/relay.ino
index 27572891..08e06a01 100644
--- a/code/espurna/relay.ino
+++ b/code/espurna/relay.ino
@@ -144,9 +144,9 @@ void relayPulseMode(unsigned int value, bool report) {
     /*
     if (report) {
         char topic[strlen(MQTT_TOPIC_RELAY) + 10];
-        sprintf_P(topic, PSTR("%s/pulse"), MQTT_TOPIC_RELAY);
+        snprintf_P(topic, strlen(topic), PSTR("%s/pulse"), MQTT_TOPIC_RELAY);
         char value[2];
-        sprintf_P(value, PSTR("%d"), value);
+        snprintf_P(value, strlen(value), PSTR("%d"), value);
         mqttSend(topic, value);
     }
     */
@@ -324,10 +324,10 @@ void relaySetupAPI() {
     for (unsigned int relayID=0; relayID<relayCount(); relayID++) {
 
         char url[15];
-        sprintf_P(url, PSTR("%s/%d"), MQTT_TOPIC_RELAY, relayID);
+        snprintf_P(url, strlen(url), PSTR("%s/%d"), MQTT_TOPIC_RELAY, relayID);
 
         char key[10];
-        sprintf_P(key, PSTR("%s%d"), MQTT_TOPIC_RELAY, relayID);
+        snprintf_P(key, strlen(key), PSTR("%s%d"), MQTT_TOPIC_RELAY, relayID);
 
         apiRegister(url, key,
             [relayID](char * buffer, size_t len) {
@@ -391,7 +391,7 @@ void relayMQTTCallback(unsigned int type, const char * topic, const char * paylo
         #endif
 
         char buffer[strlen(MQTT_TOPIC_RELAY) + 3];
-        sprintf_P(buffer, PSTR("%s/+"), MQTT_TOPIC_RELAY);
+        snprintf_P(buffer, strlen(buffer), PSTR("%s/+"), MQTT_TOPIC_RELAY);
         mqttSubscribe(buffer);
 
     }
@@ -441,7 +441,7 @@ void relaySetupMQTT() {
 void relayInfluxDB(unsigned char id) {
     if (id >= _relays.size()) return;
     char buffer[10];
-    sprintf_P(buffer, PSTR("%s,id=%d"), MQTT_TOPIC_RELAY, id);
+    snprintf_P(buffer, strlen(buffer), PSTR("%s,id=%d"), MQTT_TOPIC_RELAY, id);
     influxDBSend(buffer, relayStatus(id) ? "1" : "0");
 }
 #endif
diff --git a/code/espurna/rfbridge.ino b/code/espurna/rfbridge.ino
index 83b9fde4..ee2aa9af 100644
--- a/code/espurna/rfbridge.ino
+++ b/code/espurna/rfbridge.ino
@@ -58,7 +58,7 @@ void _rfbLearn() {
 
     #if WEB_SUPPORT
         char buffer[100];
-        snprintf_P(wsb, strlen(buffer), PSTR("{\"action\": \"rfbLearn\", \"data\":{\"id\": %d, \"status\": %d}}"), _learnId, _learnStatus ? 1 : 0);
+        snprintf_P(buffer, strlen(buffer), PSTR("{\"action\": \"rfbLearn\", \"data\":{\"id\": %d, \"status\": %d}}"), _learnId, _learnStatus ? 1 : 0);
         wsSend(buffer);
     #endif
 
@@ -120,7 +120,7 @@ void _rfbDecode() {
         // Websocket update
         #if WEB_SUPPORT
             char wsb[100];
-            sprintf_P(wsb, strlen(wsb), PSTR("{\"rfb\":[{\"id\": %d, \"status\": %d, \"data\": \"%s\"}]}"), _learnId, _learnStatus ? 1 : 0, buffer);
+            snprintf_P(wsb, strlen(wsb), PSTR("{\"rfb\":[{\"id\": %d, \"status\": %d, \"data\": \"%s\"}]}"), _learnId, _learnStatus ? 1 : 0, buffer);
             wsSend(wsb);
         #endif
 
@@ -216,7 +216,7 @@ void _rfbMqttCallback(unsigned int type, const char * topic, const char * payloa
 
     if (type == MQTT_CONNECT_EVENT) {
         char buffer[strlen(MQTT_TOPIC_RFLEARN) + 3];
-        sprintf_P(buffer, PSTR("%s/+"), MQTT_TOPIC_RFLEARN);
+        snprintf_P(buffer, strlen(buffer), PSTR("%s/+"), MQTT_TOPIC_RFLEARN);
         mqttSubscribe(buffer);
         mqttSubscribe(MQTT_TOPIC_RFOUT);
     }
@@ -257,13 +257,13 @@ void _rfbMqttCallback(unsigned int type, const char * topic, const char * payloa
 void rfbStore(unsigned char id, bool status, const char * code) {
     DEBUG_MSG_P(PSTR("[RFBRIDGE] Storing %d-%s => '%s'\n"), id, status ? "ON" : "OFF", code);
     char key[8] = {0};
-    sprintf_P(key, PSTR("rfb%d%s"), id, status ? "on" : "off");
+    snprintf_P(key, strlen(key), PSTR("rfb%d%s"), id, status ? "on" : "off");
     setSetting(key, code);
 }
 
 String rfbRetrieve(unsigned char id, bool status) {
     char key[8] = {0};
-    sprintf_P(key, PSTR("rfb%d%s"), id, status ? "on" : "off");
+    snprintf_P(key, strlen(key), PSTR("rfb%d%s"), id, status ? "on" : "off");
     return getSetting(key);
 }
 
@@ -288,7 +288,7 @@ void rfbLearn(unsigned char id, bool status) {
 void rfbForget(unsigned char id, bool status) {
 
     char key[8] = {0};
-    sprintf_P(key, PSTR("rfb%d%s"), id, status ? "on" : "off");
+    snprintf_P(key, strlen(key), PSTR("rfb%d%s"), id, status ? "on" : "off");
     delSetting(key);
 
     // Websocket update
diff --git a/code/espurna/web.ino b/code/espurna/web.ino
index b5004458..5e032b0f 100644
--- a/code/espurna/web.ino
+++ b/code/espurna/web.ino
@@ -383,7 +383,7 @@ void _wsParse(uint32_t client_id, uint8_t * payload, size_t length) {
 void _wsStart(uint32_t client_id) {
 
     char chipid[6];
-    sprintf_P(chipid, PSTR("%06X"), ESP.getChipId());
+    snprintf_P(chipid, strlen(chipid), PSTR("%06X"), ESP.getChipId());
 
     DynamicJsonBuffer jsonBuffer;
     JsonObject& root = jsonBuffer.createObject();
@@ -764,7 +764,7 @@ ArRequestHandlerFunction _bindAPI(unsigned int apiID) {
         // Format response according to the Accept header
         if (_asJson(request)) {
             char buffer[64];
-            sprintf_P(buffer, PSTR("{ \"%s\": %s }"), api.key, p);
+            snprintf_P(buffer, strlen(buffer), PSTR("{ \"%s\": %s }"), api.key, p);
             request->send(200, "application/json", buffer);
         } else {
             request->send(200, "text/plain", p);
@@ -913,7 +913,7 @@ void _onGetConfig(AsyncWebServerRequest *request) {
     }
 
     char buffer[100];
-    sprintf_P(buffer, PSTR("attachment; filename=\"%s-backup.json\""), (char *) getSetting("hostname").c_str());
+    snprintf_P(buffer, strlen(buffer), PSTR("attachment; filename=\"%s-backup.json\""), (char *) getSetting("hostname").c_str());
     response->addHeader("Content-Disposition", buffer);
     response->setLength();
     request->send(response);
@@ -988,7 +988,7 @@ void _onUpgradeData(AsyncWebServerRequest *request, String filename, size_t inde
 void webSetup() {
 
     // Cache the Last-Modifier header value
-    sprintf_P(_last_modified, PSTR("%s %s GMT"), __DATE__, __TIME__);
+    snprintf_P(_last_modified, strlen(_last_modified), PSTR("%s %s GMT"), __DATE__, __TIME__);
 
     // Create server
     _server = new AsyncWebServer(getSetting("webPort", WEB_PORT).toInt());