On Mon, Aug 25, 2014 at 03:02:21PM +0200, Arturo Borrero Gonzalez wrote: > We must make sure the buffer contains a \0 in the last position, > to avoid printing trash by the last fprintf() call. snprintf already guarantees that the string is nul-terminated if there is enough room to add \0. ret = snprintf_cb(buf, bufsiz, obj, type, flags); if (ret < 0) goto out; if (ret >= NFT_SNPRINTF_BUFSIZ) { bufsiz = ret + 1; buf = malloc(bufsiz); if (buf == NULL) return -1; ret = snprintf_cb(buf, bufsiz, obj, type, flags); if (ret < 0) goto out; } ret = fprintf(fp, "%s", buf); I think we have guarantees that buf is always nul-terminated after the second try. Patch 2/2 looks good to enough to me since it already resolves the printed "garbage" at the end of the output issue. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html