From 59b30d692a8d3fca876ff62875c200546d15a178 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Wed, 20 Mar 2024 19:42:32 +0100
Subject: Check width in Row_printPercentage()

The passed width should always be at least 4, otherwise printing will
always truncate and lead to an abort().

The passed should not be greater or equal to the available buffer size,
otherwise printing will always truncate and lead to an abort().

Add fallback for non debug builds.
---
 Row.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Row.c b/Row.c
index 9ea3f073..3ee87cdb 100644
--- a/Row.c
+++ b/Row.c
@@ -442,6 +442,10 @@ void Row_printLeftAlignedField(RichString* str, int attr, const char* content, u
 }
 
 int Row_printPercentage(float val, char* buffer, size_t n, uint8_t width, int* attr) {
+   assert(width >= 4 && width < n && "Invalid width in Row_printPercentage()");
+   // truncate in favour of abort in xSnprintf()
+   width = (uint8_t)CLAMP(width, 4, n - 1);
+
    if (isNonnegative(val)) {
       if (val < 0.05F)
          *attr = CRT_colors[PROCESS_SHADOW];
-- 
cgit v1.2.3