Argh. How frustrating.
But the only formatting errors that can occur, as far as I can
tell from the standard, are "encoding errors", which cannot occur
in the C locale as far as I know. So this is unlikely to be a
problem in practice for many programs.
That appears to be true for N869. Of course, some programs must
deal with multibyte characters and so are potentially susceptible
to negative return values from snprintf.
SUSv3 et al. also allow a negative return if the number of bytes
needed to hold the fully-formatted string is larger than INT_MAX,
or if the "n" parameter (the size of the buffer) is greater than
INT_MAX. N869 doesn't explicitly cover those cases. It also
allows a negative return if "there are insufficient arguments"
(assuming, of course, that the implementation can detect this!).
And there are cases for the printf family that produce UB (such
as a precision specifier for a conversion that doesn't support
such a specifier), and a polite implementation might return a
negative value for them.
But in general, yes, it's unlikely to be an issue for many
programs in practice. I just find it worrying that these pre-C99
snprintf implementations would fail to distinguish between two
very different error conditions - particularly since one is the
sort of error which the program might well be able to (and try
to) correct, while the other is not.
Calling realloc() forces the implementation to copy data, which
is wasteful because the data isn't going to be used. Calling
free() avoids the copy.
Good point (though there's no guarantee that the implementation
has to copy the data - it might be able to satisfy the realloc
request in place - but that's a good rule of thumb).
--
Michael Wojcik (e-mail address removed)
This is a "rubbering action game," a 2D platformer where you control a
girl equipped with an elastic rope with a fishing hook at the end.
-- review of _Umihara Kawase Shun_ for the Sony Playstation