Buffer overflows in phy_chan and svc_id due to small buffers #74
Description
Buffers like phy_chan and chan_major are declared as char[4], but they hold uint16_t values which require up to 6 bytes (5 digits + null terminator).
// text.cpp
char phy_chan[4];
// ...
// physical_channel is uint16_t (max 65535) -> requires 6 bytes
sprintf(phy_chan, "%d", c->physical_channel);
Writing "65535" into a 4-byte buffer overflows the stack by 2 bytes.
Affected arrays:
- phy_chan[4] (needs 6 bytes)
- chan_major[4] (needs 6 bytes)
- chan_minor[4] (needs 6 bytes)
Consider fixing: Resize these buffers to 8 bytes.
Thank you!