Hello i want to make a stopwatch but there is a error in my code.
By the way here's the code :
#include <LiquidCrystal.h>
LiquidCrystal lcd(12,11,5,4,3,2);
void setup() {
// put your setup code here, to run once:
lcd.begin(16,2);
}
int sec = 0;
int minu = 0;
int hr = 0;
void loop() {
// put your main code here, to run repeatedly:
sec = sec + 1;
lcd.print(hr + ":" + minu + ":"+ sec); // what is this? error in my code!
delay(1000);
if(sec > 59){
sec = 0;
minu = minu + 1;
}
if(minu > 59){
minu = 0;
hr = hr + 1;
}
lcd.clear();
}
we were required to take a class doing such things are Qualcomm because hackers would intentionally provide extra long strings to the device to expose flaws.
i think at the level of most OPs on the forum, this is excessive. the internal sizes of both the buffers and strings are known to the developer. they aren't being attacked by hackers. i think the goal is to make OPs aware of arduino capabilities without getting pedantic.
if you want to suggest doing such for snprintf, there are a myriad # of other cases that should also be suggested.
Yes buffer overflows can be used as a code injection / managed crash techniques By hackers but it’s also super important for newbies to understand that honoring the buffer size (with room for the trailing null) when handling cStrings is super important just for their code stability.
Here you have sized your buffer very generously for the integer so you won’t run into an issue (A comment on why you chose 80 could be useful) but in a real code OP might choose something smaller
Side note:
Isn’t void as parameter pedantic ?
C++ does not require that void be used to indicate that there are no function parameters. it is often used in this way for compatibility with C but as discussed we have a C++ compiler. That’s why the default sketch template does not use this.
