Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!fuug!news.funet.fi!hydra!klaava!wirzeniu
From: wirzeniu@klaava.Helsinki.FI (Lars Wirzenius)
Newsgroups: comp.lang.c
Subject: Re: space allocation for sprintf()
Message-ID: <1991Jun9.155147.365@klaava.Helsinki.FI>
Date: 9 Jun 91 15:51:47 GMT
References: <1991Jun5.174543.266@dg-rtp.dg.com> <1991Jun6.162723.27307@zoo.toronto.edu> <1167@mwtech.UUCP>
Organization: University of Helsinki
Lines: 17

In article <1167@mwtech.UUCP> martin@mwtech.UUCP (Martin Weitzel)
writes:
>[ as a suggestion for handling problems when sprintf overflows the buffer ]
>	#define MAX 40		/* if you think that 40 is enough */
>	char buffer[MAX+1];
>	buffer[MAX] = '\0';
>	sprintf(buffer, ......);
>	if (buffer[MAX] != '\0') abort();

May I further suggest that another character than '\0' be used.  A
frequent problem (for me, at least) is the 'off-by-one error' (e.g.,
some limit or array bound is one too small). This type of error would
print one character too many to the buffer, but this isn't noticed if
the validation character is '\0'. If available, a char value that
doesn't correspond to a normal character would be best.
-- 
Lars Wirzenius     wirzeniu@cc.helsinki.fi