Fixes String(float) issue with Stack Smashing

SuGlider · SuGlider · commit f3c7b4980ded · 2022-01-16T18:34:21.000-03:00
diff --git a/cores/esp32/WString.cpp b/cores/esp32/WString.cpp
@@ -114,14 +114,14 @@ String::String(unsigned long value, unsigned char base) {
 
 String::String(float value, unsigned char decimalPlaces) {
     init();
-    char buf[34];
-    *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf);
+    char buf[64];
+    *this = dtostrf(value, sizeof(buf) - 1, decimalPlaces, buf);
 }
 
 String::String(double value, unsigned char decimalPlaces) {
     init();
-    char buf[34];
-    *this = dtostrf(value, (decimalPlaces + 2), decimalPlaces, buf);
+    char buf[64];
+    *this = dtostrf(value,  sizeof(buf) - 1, decimalPlaces, buf);
 }
 
 String::~String() {
diff --git a/cores/esp32/stdlib_noniso.c b/cores/esp32/stdlib_noniso.c
@@ -92,25 +92,36 @@ char* ultoa(unsigned long value, char* result, int base) {
 // This version is intended to be user proof
 // It avoids Stack Smashing issue, even for s = String(-234223.4f, 32) or String(0.0f, 100) 
 char *dtostrf(double number, signed char width, unsigned char prec, char *s) {
-  char fmt[34];
-  // calculates how many characters the integer part of the float will take
-  sprintf(fmt, "%32.0f", number);
-  // finds the start of number ignoring the blanks
-  char *start = fmt;
-  while (*start == ' ') start++;
-  unsigned char numSize = strlen(start), maxSize = sizeof(fmt) - 1;
-  int maxPrec;
-
-  if (prec) numSize += 1; // for the '.'
-
-  // avoiding Stack smashing protect failure!
-  if (width > maxSize) width = maxSize;
-  maxPrec = maxSize - numSize;
-  prec = maxPrec > 0 ? maxPrec : 0;
-  
-  sprintf(fmt, "%%%d.%df", width, prec);
-  sprintf(s, fmt, number);
-  return s;
+    char fmt[20];  // just for the formating in sprintf()
+    uint8_t numSize = 0;
+    int maxPrec;
+
+    if (isnan(number)) {
+        strcpy(s, "nan");
+        return s;
+    }
+    if (isinf(number)) {
+        strcpy(s, "inf");
+        return s;
+    }
+
+    // calculates how many characters the integer part of the float will take
+    if (number < 0) {   // number is negative
+        numSize = 1;    // for the '-' simbol
+    }
+    double n = fabs(number);
+    do {
+        numSize++;
+        n = n / 10;
+    } while (n > 1);
+    if (prec) numSize += 1; // for the '.'
+    // avoiding Stack smashing protect failure!
+    maxPrec = width - numSize;
+    if (prec) prec = maxPrec > 0 ? maxPrec : 0;
+
+    sprintf(fmt, "%%%d.%df", numSize, prec);
+    sprintf(s, fmt, number);
+    return s;
 }
 #else
 // orginal code from Arduino ESP8266
