On Jan 9, 2008 9:25 PM, Duncan Patton a Campbell <[EMAIL PROTECTED]> wrote:
> This may be a bug in FreeBSD, because it will work correctly if I pass a size
> of
> length +2 to strftime in OpenBSD.
Actually, they both conform. It's your code that's broken.
The 'maxsize' argument is the maximum number of bytes that will be
written to the buffer. That is, it *includes* the NUL terminator.
So, you're passing a maxsize value one too small for the string you
want strftime() to write. That's unfortunate, because you actually
allocated a buffer that was big enough. You simply didn't tell
strftime() that there was enough space.
Now for the fun: the C standard says:
If the total number of resulting characters including the terminating null
character is not more than maxsize, the strftime function returns the
number of characters placed into the array pointed to by s not including
the terminating null character. Otherwise, zero is returned and the
contents of the array are indeterminate.
So, the results in the buffer are indeterminate after the error. A
conforming implementation may insert curse words into the buffer (if
there's space for them) and return zero. Once it returns zero, any
code that assumes the buffer contains something useful is *NOT
PORTABLE*. Fix your code to
1) pass the same size value to malloc() and strftime(), and
2) check the strftime() return value and *NOT* use the buffer if it
returns zero.
Philip Guenther
