[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4467) snprintf is consistenly used wrongly



Full_Name: Hallvard B Furuseth
Version: HEAD
OS: 
URL: 
Submission from: (NULL) (129.240.186.42)
Submitted by: hallvard


OpenLDAP is full of code like
  ptr += snprintf( ptr, ... );
and
  bv.bv_len = snprintf( ... );
  <use bv>;

However snprintf does not return the number of characters written, it
returns the number of characters it would write if no truncation occurs,
not including the terminating '\0'.

Correct use is:
  len = snprintf( buf, buflen, ... );
  if ( len >= buflen ) {
    Truncated to (buflen-1) chars + '\0' - or no change if buflen == 0;
  }

I imagine we could use some helper functions here, e.g. a snprintf_long()
for output of just a single arg, but I won't dive into that now.
The snprintf calls that just output a %s can probably just as well
be replaced with something else.