Re: Are bad developer libraries the problem with M$ software?

From: Casper Dik (Casper.Dik@Sun.COM)
Date: 11/18/02

  • Next message: Michael Howard: "RE: Are bad developer libraries the problem with M$ software?"
    To: Frank Knobbe <>
    Date: Mon, 18 Nov 2002 20:36:33 +0100
    From: Casper Dik <Casper.Dik@Sun.COM>

    >As a side note, proper use of snprintf would be:
    >ret = snprintf(mystr,sizeof(mystr)-1,"Format: %s",var);

    No it would not; the proper 2nd argument is the size of whatever
    "mystr" points to; for char[] that's sizeof (mystr) (NOT -1) but
    for char * it's whatever size you alloc'ed.

    >Perhaps we should start development of a standardized 'safe' header file
    >that can contain macros for snprintf, strncat and the like.
    >#define safe_snprinf(dst,len,fmt,var)
    > snprintf(dst,(len>sizeof(dst)-1)?sizeof(dst)-1:len,fmt,var)

    I remember a bug in sendmail caused by bad use of sizef.

    >#define safe_strcat(dst,src) =20
    > strncat(dst,src,sizeof(dst))

    Same problem; not safe anyway. (sizeof (dst) - strlen(dst) - 1, if anything)