getRSSI - buffer overrun

[zpm1066]

Thank you for the enhancements to the trigBoardV8_BaseFirmware enhancements.

There is a buffer overrun issue in getRSSI().

includes.h:

char rssiChar[5];

WiFi.ino:

void getRSSI() {
  //Serial.print("WiFi RSSI = ");
  int rssiAbs = WiFi.RSSI();
  //Serial.println(rssiAbs);
  if (rssiAbs < 0);
  rssiAbs = rssiAbs * -1;
  sprintf(rssiChar, "%idBm", rssiAbs);//can't have any dashes (-)
}

I'd recommend to use snprintf()and increase the size of rssChar (e.g. 8) to accommodate absolute RSSI values of up to three digits.

snprintf(rssiChar,sizeof(rssiChar),"%idBm", rssiAbs);

[krdarrah]

that's a good idea, but have you seen a crash due to this? Just trying see how urgent the fix needs to be

[zpm1066]

Yes. The rssiChar[5] buffer overrun in getRSSI() causes the ESP32 to crash continuously.

A change to snprintf() fixes the ESP32 crashes but only writes four characters. This is expected, rssiChar[5]cannot hold five characters.

You may not observe a crash, it depends on what memory the buffer overrun overwrites. In my case (I have customized your software), the ESP32 crashes as a result.

In general, it's a good software practice to use snprintf() vs. sprintf(). I'd recommend that you make a change in the next firmware update or sooner if your build also crashes.

[krdarrah]

Yes, thanks! Sounds like I got lucky with the base firmware release, but will implement asap

[zpm1066]

Hi Kevin. You're most welcome. btw - Any plans on utilizing the new ESP32-S2/S3 in your projects or perhaps lower cost micro-controllers like the Raspberry Pi RP2040? Just curious as to what other products may be on the horizon from you. Cheers!

[krdarrah]

Thanks! Actually this is something I've been working - should be avail in March 2022 https://espprogrammerdocs.readthedocs.io/en/latest/