Daniel Ryde writes:
> > vsnprintf(mp,sizeof(message)-(mp - message)-3,format,ap);
>
> Dangerous, if the string is truncated it will skip the null termination,
This came up a while back. Some versions of [v]snprintf copy
size - 1 characters into str and then null terminate. Example: the
OpenBSD snprinf man page says:
Snprintf(), vsnprintf(), asnprintf() and vasnprintf() will write at most
size-1 of the characters printed into the output string (the size'th
character then gets the terminating `\0'); if the return value is greater
than or equal to the size argument, the string was too short and some of
the printed characters were discarded.
It's possible that the author is using a system with the above semantics.
People patching the code must know what their [v]snprintf does.
// marc
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:59 PDT