On Tue, Jun 30, 2015 at 12:23:08PM -0700, Junio C Hamano wrote: > >> Why can't I shake this feeling that (" %s", fmt), i.e. prepend not > >> append, is the safer thing to do than to append? > > > > Because then removing the extra space involves `memmove` of the buffer, > > rather than just shortening the length by one. > > That does not explain why I feel the other way is safer, though ;-) Sorry, I think I read it as "saner". ;) > In any case, responding myself to my other question, strftime(3) > does not define any useful error information even for a case where > you feed nonsense format to it, so it is even not possible to > protect ourselves by checking errno or doing something similar X-<. I do think " %" is probably safer than "% " in that it is less likely to cause weird output from strftime (e.g., I could see an implementation treat "%X", where "X" is unknown, as just "X", but treat a trailing "%" as a raw "%"). But I doubt there is an implementation that would return "0" for one but not the other (anything's possible of course, but we are deep in the realm of guessing how systems might implement the standard, so it's really our best guess until somebody can present a particular data point; I've looked only at glibc and it is sane). -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html