[tuya] Replace unsafe sprintf with snprintf in light color formatting

2026-01-17 07:24:53 -07:00 · 2026-01-16 12:25:25 -10:00
2 changed files with 8 additions and 17 deletions
--- a/esphome/components/statsd/statsd.cpp
+++ b/esphome/components/statsd/statsd.cpp
@@ -114,23 +114,14 @@ void StatsdComponent::update() {
    // This implies you can't explicitly set a gauge to a negative number without first setting it to zero.
    if (val < 0) {
      if (this->prefix_) {
-        out.append(this->prefix_);
-        out.append(".");
+        out.append(str_sprintf("%s.", this->prefix_));
      }
-      out.append(s.name);
-      out.append(":0|g\n");
+      out.append(str_sprintf("%s:0|g\n", s.name));
    }
    if (this->prefix_) {
-      out.append(this->prefix_);
-      out.append(".");
+      out.append(str_sprintf("%s.", this->prefix_));
    }
-    out.append(s.name);
-    // Buffer for ":" + value + "|g\n".
-    // %g uses max 13 chars for value (sign + 6 significant digits + e+xxx)
-    // Total: 1 + 13 + 4 = 18 chars + null, use 24 for safety
-    char val_buf[24];
-    buf_append_printf(val_buf, sizeof(val_buf), 0, ":%g|g\n", val);
-    out.append(val_buf);
+    out.append(str_sprintf("%s:%f|g\n", s.name, val));

    if (out.length() > SEND_THRESHOLD) {
      this->send_(&out);
--- a/esphome/components/tuya/light/tuya_light.cpp
+++ b/esphome/components/tuya/light/tuya_light.cpp
@@ -191,7 +191,7 @@ void TuyaLight::write_state(light::LightState *state) {
      case TuyaColorType::RGB: {
        char buffer[7];
        const char *format_str = this->color_type_lowercase_ ? "%02x%02x%02x" : "%02X%02X%02X";
-        sprintf(buffer, format_str, int(red * 255), int(green * 255), int(blue * 255));
+        snprintf(buffer, sizeof(buffer), format_str, int(red * 255), int(green * 255), int(blue * 255));
        color_value = buffer;
        break;
      }
@@ -201,7 +201,7 @@ void TuyaLight::write_state(light::LightState *state) {
        rgb_to_hsv(red, green, blue, hue, saturation, value);
        char buffer[13];
        const char *format_str = this->color_type_lowercase_ ? "%04x%04x%04x" : "%04X%04X%04X";
-        sprintf(buffer, format_str, hue, int(saturation * 1000), int(value * 1000));
+        snprintf(buffer, sizeof(buffer), format_str, hue, int(saturation * 1000), int(value * 1000));
        color_value = buffer;
        break;
      }
@@ -211,8 +211,8 @@ void TuyaLight::write_state(light::LightState *state) {
        rgb_to_hsv(red, green, blue, hue, saturation, value);
        char buffer[15];
        const char *format_str = this->color_type_lowercase_ ? "%02x%02x%02x%04x%02x%02x" : "%02X%02X%02X%04X%02X%02X";
-        sprintf(buffer, format_str, int(red * 255), int(green * 255), int(blue * 255), hue, int(saturation * 255),
-                int(value * 255));
+        snprintf(buffer, sizeof(buffer), format_str, int(red * 255), int(green * 255), int(blue * 255), hue,
+                 int(saturation * 255), int(value * 255));
        color_value = buffer;
        break;
      }