Fix: Stricter TFT version string validation in parser and tft_ver_gte

edwardtfn · edwardtfn · commit 4ccf80545543 · 2026-04-06T16:08:42.000+02:00
#98 (comment) #98 (comment)
diff --git a/components/nspanel_easy/versioning.cpp b/components/nspanel_easy/versioning.cpp
@@ -34,17 +34,31 @@ bool tft_ver_gte(const std::string &version, const std::string &min_version) {
   int min_maj = 0, min_min = 0;
 
   // Parse both version strings — accept "major.minor" or bare "major".
-  // sscanf returns the number of fields successfully parsed; at least 1
-  // is required. A bare integer (e.g. "16") yields 1 field with minor
-  // defaulting to 0. An empty or non-numeric string yields 0, triggering
-  // the < 1 guard below. NOLINT suppresses cert-err34-c; malformed input
-  // is handled by the field count check.
+  // After parsing, reject trailing garbage by checking that sscanf consumed
+  // the entire string: re-format what was parsed and compare against input.
+  // This rejects "16.", "16x", "16.1.2", etc.
+  // NOLINT suppresses cert-err34-c; structural validation is done below.
   const int ver_fields = sscanf(version.c_str(), "%d.%d", &ver_maj, &ver_min);      // NOLINT(cert-err34-c)
   const int min_fields = sscanf(min_version.c_str(), "%d.%d", &min_maj, &min_min);  // NOLINT(cert-err34-c)
 
   if (ver_fields < 1 || min_fields < 1)
     return false;  // Fail conservatively on empty or unparseable input
 
+  // Reject partial matches by reconstructing the parsed value and comparing
+  // it against the original string — catches "16.", "16x", "16.1.2", etc.
+  char ver_buf[16], min_buf[16];
+  if (ver_fields == 1)
+    snprintf(ver_buf, sizeof(ver_buf), "%d", ver_maj);
+  else
+    snprintf(ver_buf, sizeof(ver_buf), "%d.%d", ver_maj, ver_min);
+  if (min_fields == 1)
+    snprintf(min_buf, sizeof(min_buf), "%d", min_maj);
+  else
+    snprintf(min_buf, sizeof(min_buf), "%d.%d", min_maj, min_min);
+
+  if (version != ver_buf || min_version != min_buf)
+    return false;  // Trailing garbage or extra segments detected
+
   // Compare major first, then minor.
   // Returns false conservatively on any older segment.
   if (ver_maj != min_maj)
diff --git a/esphome/nspanel_esphome_page_boot.yaml b/esphome/nspanel_esphome_page_boot.yaml
@@ -67,17 +67,17 @@ script:
             display_mode    = atoi(params[2].c_str());
             display_charset = atoi(params[3].c_str());
 
-            // Validate TFT version string — must be non-empty and match "major[.minor]" format
+            // Validate TFT version string — must be bare "major" or "major.minor",
+            // with both sides non-empty and no more than one dot.
             const std::string &ver_str = params[4];
-            bool tft_ver_valid = !ver_str.empty();
-            if (tft_ver_valid) {
-              for (const char c : ver_str) {
-                if (c != '.' && (c < '0' || c > '9')) {
-                  tft_ver_valid = false;
-                  break;
-                }
-              }
-            }
+            const size_t dot = ver_str.find('.');
+            const bool tft_ver_valid =
+                !ver_str.empty() &&
+                ver_str.find_first_not_of("0123456789.") == std::string::npos &&  // digits and dot only
+                (dot == std::string::npos ||                  // bare integer, no dot
+                 (dot != 0 &&                                 // dot not at start
+                  dot != ver_str.size() - 1 &&               // dot not at end
+                  ver_str.find('.', dot + 1) == std::string::npos));  // no second dot
             version_tft->publish_state(tft_ver_valid ? ver_str : "");
 
             ESP_LOGI("${TAG_PAGE_BOOT}", "Display params:");
diff --git a/nspanel_easy_blueprint.yaml b/nspanel_easy_blueprint.yaml
@@ -6,7 +6,7 @@
 ##################################################################################################
 ---
 blueprint:
-  name: NSPanel Easy Configuration (v2026.4.6)
+  name: NSPanel Easy Configuration (v9999.99.9)
   author: Edward Firmo (https://github.com/edwardtfn)
   description: >
     # NSPanel Easy Configuration via Blueprint
@@ -4044,7 +4044,7 @@ trigger_variables:
     }}
 
 variables:
-  blueprint_version: 2026.4.6
+  blueprint_version: 9999.99.9
   pages:
     current: '{{ states(currentpage) }}'
     alarm: "alarm"
