From: Christophe JAILLET
Sent: 22 March 2020 17:25NACK.
'scnprintf' returns the number of characters written in the output buffer
excluding the trailing '\0', instead of the number of characters which
would be generated for the given input.
Both function return a number of characters, excluding the trailing '\0'.
So comparaison to check if it overflows, should be done against max_size-1.
Comparaison against max_size can never match.
Since snprintf() returns the number of characters it would have
written to an infinite buffer the comparison can 'match'.
However it should test for (ret >= PATH_MAX).
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)