Fix double free vulnerability

[RegularRabbit05]

Your current ~Cipher will run a delete operation on a stack string or your constant, shared, example key which results in undefined behavior (perhaps this is the cause of) #9
I've moved the private key to a standard char array that will be allocated on the stack (if Cipher is created without "new" obviously, else it will be in the heap but in the same memory region) which doesn't need a destructor. I've also removed the DEBUG constant as the user should enable it manually outside the library so that using it in the ide will be easier and moved your shared key to a macro for simplicity.

[Copilot]

Pull request overview

This PR fixes a critical double-free vulnerability in the Cipher class by converting privateCipherKey from a dynamically allocated char* pointer to a stack-allocated char[17] array. This change eliminates undefined behavior caused by attempting to delete string literals or stack-allocated strings.

Key Changes:

• Changed privateCipherKey from a pointer to a fixed-size array (17 characters including null terminator)
• Removed the destructor implementation that was causing the double-free issue
• Updated parameter types to const char* for better const-correctness
• Removed the CIPHER_DEBUG define and moved the default key to a macro

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.

File	Description
src/Cipher.h	Changed privateCipherKey to a stack-allocated array, made constructor/setKey parameters const, and replaced manual destructor with default destructor
src/Cipher.cpp	Updated key management to use strcpy() instead of pointer assignment, replaced destructor logic, and added CIPHER_DEFAULT_KEY macro

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.