On Wed, 2 Nov 2016, Christos Zoulas wrote:
In article <20161102003956.35d12f...@cvs.netbsd.org>,
Paul Goyette <source-changes-d@NetBSD.org> wrote:
-=-=-=-=-=-
+ /* Handle overflow */
+ if ((size_t)count >= *len) {
+ *dest += *len - 1;
+ *len = 1;
Why *len = 1 here? Shouldn't it be 0 since there is no more room left?
No. :)
The maximum number of characters actually written by vsnprintf() will
never exceed (len - 1). So, dest gets incremented by the max, and len
gets decremented by the max.
There is always enough room left for vsnprintf() to create a new
trailing NUL.
+------------------+--------------------------+------------------------+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+