On Mon, Dec 19, 2016 at 05:59:06PM +0100, Johannes Schindelin wrote:
> > > > + sprintf((char *)p, "%d", ++count);
> > >
> > > Do we know the area pointed at p (which is inside buf) long enough
> > > not to overflow? If the original were 9 and you incremented to get
> > > 10, you would need one extra byte.
> >
> > Even if it is enough, I'd ask to please use xsnprintf(). In the off
> > chance that there's a programming error, we'd get a nice die("BUG")
> > instead of a buffer overflow (and it makes the code base easier to audit
> > for other overflows).
>
> I ended up with more verbose, easier-to-read code that does not try to do
> things in-place, in favor of being slightly more wasteful with strbufs.
Great. I agree that should make the whole thing way more readable.
-Peff