mailing list archives
syslog()/snprintf(): beware of functions with fuzzy specs
From: dmorriso () us oracle com (Dave Morrison)
Date: Fri, 1 Sep 1995 17:23:53 -0700
There are some nasty semantic questions associated with the proper
return value for snprintf.
BSD4.4 snprintf()s return the number of characters they would have
written had the buffer been infinite. This is despite the manual page
saying they return the number of characters actually written.
Number of characters written does not include the NULL.
GNU snprintf()s return the number of characters actually written (minus
the NULL). On a overflowed buffer, the GNU documentation conflicts with
itself. At one point it says, (bufsiz - 1) is returned, and in another
example it says (bufsiz) is returned (but (bufsiz - 1) plus a NULL
character are written). I'm not sure what it does for real.
I've seen a few other cobbled version of *nprintf. I'm best off with a
dart board if I needed to apriori determine what they do on the boundary
Some important boundary cases:
vsnprintf (buf, bufsiz, fmt, ap)
bufsiz = 0
bufsiz = 1
bufsiz = amount of chars sprint will use, less one for the null
bufsiz = amount of chars sprint will use, no room for null
bufsiz = less than amount of chars sprint will use
Which return values of -1, 0, bufsiz - 1, bufsiz, or >bufsiz (heaven
forbid a core dump)? Do they write on buf[bufsiz]? What do they write
to buf? What is the state of NULL terminatation on each of the
sitations above? Many different answers have I seen.
For those of you working on syslog patches using *nprintf, you will do
the world a favor if you make it explicitly clear the semantics you
dmorriso () us oracle com
- syslog()/snprintf(): beware of functions with fuzzy specs Dave Morrison (Sep 02)