From: Christophe JAILLET > Sent: 22 March 2020 17:25 > 'scnprintf' returns the number of characters written in the output buffer > excluding the trailing '\0', instead of the number of characters which > would be generated for the given input. > > Both function return a number of characters, excluding the trailing '\0'. > So comparaison to check if it overflows, should be done against max_size-1. > Comparaison against max_size can never match. NACK. Since snprintf() returns the number of characters it would have written to an infinite buffer the comparison can 'match'. However it should test for (ret >= PATH_MAX). David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
