From a9a734ddba7150d352a93712dbb9db713240c971 Mon Sep 17 00:00:00 2001
From: stegerfa <128254543+stegerfa@users.noreply.github.com>
Date: Fri, 1 Dec 2023 09:14:42 +0100
Subject: [PATCH] fixed possible char array overflow (#20133)

* fixed possible char array overflow

the temporary char arrays size was fixed to 4 bytes before.
snprintf was set for the second char, so maximum size must be limited to 4-1, instead of 4 bytes.
to avoid further mistakes usage of a #define
(assuming that flaw made never problems as the number of attached sensors was usually <99)

* fixed possible char array overflow, optimization of preprocessor-constant name

instead using shortname TEMPLEN for the preprocessor-constant using a name specific to the thermostat-function to avoid interference with the rest of the project

* fixed possible char array overflow, no preprocessor constant neccessary

fixed possible char array overflow, without using preprocessor constant
---
 tasmota/tasmota_xdrv_driver/xdrv_39_thermostat.ino | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasmota/tasmota_xdrv_driver/xdrv_39_thermostat.ino b/tasmota/tasmota_xdrv_driver/xdrv_39_thermostat.ino
index b3af31b20..ed6724485 100644
--- a/tasmota/tasmota_xdrv_driver/xdrv_39_thermostat.ino
+++ b/tasmota/tasmota_xdrv_driver/xdrv_39_thermostat.ino
@@ -1400,7 +1400,7 @@ void ThermostatGetLocalSensor(uint8_t ctr_output) {
         &&(ctr_output < THERMOSTAT_SENSOR_NUMBER)) {
       char temp[4];
       temp[0] = IndexSeparator();
-      snprintf(&temp[1], 4, "%u", (ctr_output + 1));
+      snprintf(&temp[1], sizeof(temp)-1, "%u", (ctr_output + 1));
       sensor_name.concat(temp);
     }
     JsonParserToken value_token = root[sensor_name].getObject()[PSTR("Temperature")];