Validated that string_buffer is not leaking info.

2 files changed, 14 insertions, 13 deletions

diff --git a/main.c b/main.c
index 1dc2ac0..416c040 100644
--- a/main.c
+++ b/main.c
@@ -82,14 +82,10 @@ int countdown_to_autosave	= -1;
 char *app_folder			= NULL;
 char *db_file_path			= NULL;
 char *ar_file_path			= NULL;
-char *string_buffer 		= NULL;
+char *string_buffer 		= NULL; // A temporary buffer for localized actions. Please avoid data leaks and out-of-bounds errors.
 size_t string_buffer_size	= 0;
 int size_x, size_y, pos_x, pos_y;
 
-void inline static clear_string_buffer() {
-	memset(string_buffer, 0, string_buffer_size);
-}
-
 void inline static trigger_autosave() {
 	countdown_to_autosave = 13375; // ms
 }
@@ -1000,9 +996,9 @@ void draw_tui(database_st *db, layout_st *layout) {
 	
 	///////////////////////////////////////////////////////////////////////////
 	// Draw selected/total tasks.
-	sprintf(string_buffer, " %td/%zd ", db->selected_task+1, db->count);
+	sprintf(string_buffer, " %td/%zd ", db->selected_task+1, db->count); // TODO snprintf() > string_buffer_size => error
 	if (strlen(string_buffer) > layout->columns[L_TITLE_IDX].width) {
-		sprintf(string_buffer, "%td", db->selected_task+1);
+		sprintf(string_buffer, "%td", db->selected_task+1); // TODO snprintf() > string_buffer_size => error
 	}
 	mvaddstr(size_y-1, 1, string_buffer);
 	
@@ -1277,8 +1273,7 @@ int main(int argc, char *argv[]) {
 				// Get new task name.
 				echo();
 				curs_set(1);
-				clear_string_buffer();
-// 				memset(string_buffer, 0, string_buffer_size); TODO
+				memset(string_buffer, 0, string_buffer_size);
 				mvgetnstr(selected_task_row, 1, string_buffer, MAX_TASK_NAME-1);
 				noecho();
 				curs_set(0);
@@ -1358,7 +1353,6 @@ int main(int argc, char *argv[]) {
 				
 				attrset(A_NORMAL);
 				
-				
 				// TODO Check if parsed OK. For that, I need to read the manual to know what strtoX returns.
 				// TODO It seems that the float parsing may return INF or NAN. Take special care with those.
 				// TODO Once I know the parse was OK, I'll check the remaining of the string for multiplies:
@@ -1367,6 +1361,8 @@ int main(int argc, char *argv[]) {
 				//		h/H - hour
 				//		d/D - day
 				//		y/Y - year
+				
+				// TODO Review code
 				char *input = string_buffer;
 	
 				if (is_empty_string(input) == true) {
@@ -1481,9 +1477,11 @@ int main(int argc, char *argv[]) {
 				
 				attrset(A_NORMAL);
 				
-				char *parser;
+				char *parser; // TODO Rename var.
 				intmax_t input = strtoimax(string_buffer, &parser, 10) - 1;
 				
+				// TODO Add comment about this comparison... is checking what? - ALSO ADD THIS BELOW
+				// If endptr is not NULL, strtol() stores the address of the first invalid character in *endptr.  If there were no digits at all, strtol() stores the original value of nptr in *endptr (and returns 0).  In particular, if *nptr  is  not  '\0' but **endptr is '\0' on return, the entire string is valid.
 				if (parser == string_buffer) {
 					break;
 				}
@@ -1526,6 +1524,8 @@ int main(int argc, char *argv[]) {
 				char *parser;
 				intmax_t input = strtoimax(string_buffer, &parser, 10) - 1;
 				
+				// TODO Add comment about this comparison... is checking what? - ALSO ADD THIS BELOW
+				// If endptr is not NULL, strtol() stores the address of the first invalid character in *endptr.  If there were no digits at all, strtol() stores the original value of nptr in *endptr (and returns 0).  In particular, if *nptr  is  not  '\0' but **endptr is '\0' on return, the entire string is valid.
 				if (parser == string_buffer) {
 					break;
 				}
diff --git a/readme.md b/readme.md
index 7525e00..bf8797d 100644
--- a/readme.md
+++ b/readme.md
@@ -56,8 +56,9 @@ Task Time Tracker
 - [x] Use backspace to clear all timers for current task.
 - [x] Move `store_database_partial` to misc and save only when leaving or after 15 seconds of inactivity and having dirty flag set.
 - [x] Register kill signals to exit gracefully.
-- [ ] Check if string_buffer needs to be cleared. We may be leaking info on the string_buffer.
-- [ ] Maybe replace all `sprintf` by `snprintf`;
+- [x] Check if string_buffer needs to be cleared. We may be leaking info on the string_buffer.
+- [ ] Check if any `sprintf` needs to be replaced by `snprintf`;
+- [ ] Make sure that string_buffer bounds are respected;
 - [ ] REVISE ALL CODE ptrdiff_t/size_t (signed/unsigned)!
 - [ ] Go over all `TODO` items;
 - [ ] Cleanup `draw_tui`: