christf
commented
6 years ago Thank you for noticing. I was not aware that the terminating property of sprintf is platform-specific as I am working on linux and targeting linux. I guess adding mac_addr[17] = '\0'; to mac_addn2a won't hurt and is a little more defensive.
18 bytes are allocated on the stack but not initialized. Let's assume they are non null from the previous stack frame.
mac_add_n2a()will initialize thatstr_macfield but not terminate it. Then when treated as a string in thelog_debug(), stack data will be over read into the logs.