From f303f9f03238fa2c2c02ab2a95d28a403ed58d3a Mon Sep 17 00:00:00 2001
From: localhorst
Date: Sun, 7 Dec 2025 19:01:13 +0100
Subject: [PATCH] Integer Overflow in sprintf Buffer
---
 include/reHDD.h | 2 +-
 src/drive.cpp | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/reHDD.h b/include/reHDD.h
index 893b0bd..ad23206 100644
--- a/include/reHDD.h
+++ b/include/reHDD.h
@@ -31,7 +31,7 @@
 #endif // Logic
-// #define DRYRUN // don't touch the drives
+#define DRYRUN // don't touch the drives
 #define FROZEN_ALERT // show alert if drive is frozen
 #define ZERO_CHECK // check drive after shred if all bytes are zero, show alert if this fails
diff --git a/src/drive.cpp b/src/drive.cpp
index 1ca3e61..d0b504f 100644
--- a/src/drive.cpp
+++ b/src/drive.cpp
@@ -62,8 +62,8 @@ string Drive::sCapacityToText()
 dSize /= 1000;
 u16UnitIndex++;
 }
-
- sprintf(acBuffer, "%.*f %s", u16UnitIndex - 3, dSize, units[u16UnitIndex]);
+ int precision = (u16UnitIndex >= 3) ? (u16UnitIndex - 3) : 0;
+ sprintf(acBuffer, "%.*f %s", precision, dSize, units[u16UnitIndex]);
 return acBuffer;
 }
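Review bot: The `include/reHDD.h` hunk turns on `DRYRUN`, which the commit subject (a sprintf fix) does not mention and which its own comment describes as "don't touch the drives". If this macro gates the erase path, as the comment suggests, a build from this commit would presumably leave drive contents in place, which for a wiping tool is a data-remanence problem rather than a cosmetic one. The line should go back to `// #define DRYRUN // don't touch the drives`, and if dry-run builds are wanted the switch is better passed from the build (`-DDRYRUN`) than committed in the header.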
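Review bot: In the `src/drive.cpp` hunk the new `sprintf` call is still unbounded, so the clamp on `precision` corrects the format argument but does nothing for the write into `acBuffer`. If `u16UnitIndex` is a 16-bit unsigned, as the name suggests, `u16UnitIndex - 3` was promoted to `int` and the old call passed a negative precision, which printf treats as omitted; that gives six decimals for small units rather than an overflow, so the subject line overstates what was wrong. I would bound the write with `snprintf(acBuffer, sizeof(acBuffer), "%.*f %s", precision, dSize, units[u16UnitIndex]);`, assuming `acBuffer` is a local array, and confirm that the loop above cannot push `u16UnitIndex` past the end of `units`. The declaration of `acBuffer`, the loop condition and the start of `sCapacityToText` are outside the hunk.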