From eb4aacdf8afec597de1bc2c4fca629a5187b74d6 Mon Sep 17 00:00:00 2001
From: Frank <91616163+softhack007@users.noreply.github.com>
Date: Thu, 13 Oct 2022 20:23:06 +0200
Subject: [PATCH] fix string overflow

this fixes a string overflow. The "null" character did not fir into tempString, leading array-write-out-of-bounds.
---
 usermods/usermod_v2_weather/usermod_v2_weather.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usermods/usermod_v2_weather/usermod_v2_weather.h b/usermods/usermod_v2_weather/usermod_v2_weather.h
index 7afe23f3..eef09006 100644
--- a/usermods/usermod_v2_weather/usermod_v2_weather.h
+++ b/usermods/usermod_v2_weather/usermod_v2_weather.h
@@ -54,8 +54,8 @@ uint16_t mode_2DWeather(void) {
 
   // Serial.print(" temp ");
 
-  char tempString[5] = "";
-  sprintf(tempString, "%5.2f", currentTemp);
+  char tempString[6] = { '\0' };  // initialize string with zeros
+  snprintf(tempString, 5, "%5.2f", currentTemp); // snprintf will prevent overflow
   // Serial.println();
 
   CRGB color = ColorFromPalette(SEGPALETTE, map((uint8_t)currentTemp, 0, 40, 0, 255), 255, LINEARBLEND);