
Jim Douglas wrote:
Normally, in C (or even some C++ code), you have constructs that look
Reece Dunn wrote: like
this:
char buffer[ 15 ]; sprintf( buffer, "Some %s text", "verly long" );
No self-respecting coding standard would allow you to write the code above. Rather it would insist that at least you wrote:
snprintf( buffer, 15, "Some %s text", "verly long" );
Does that not solve the problem of overruns?
Coinsider: wsnprintf( buffer, sizeof(buffer), L"Some %s text", L"verly long" ); as the second example demonstrated. You are using the safe version of the string API, but passing in an incorrect size due to an incorrect sizeof() calculation. Where the above should be: wsnprintf( buffer, sizeof(buffer)/sizeof(buffer[0]), L"Some %s text", L"verly long" ); - Reece