...
| Code Block | ||
|---|---|---|
| ||
int rc = 0;
int stringify = 0x80000000;
char buf[sizeof("256")];
rc = snprintf(buf, sizeof(buf), "%u", stringify >> 24);
if (rc == -1 || rc >= sizeof(buf)) {
/* handle error */ ;
}
|
In this example, stringify >> 24 evaluates to 0xFFFFFF80, or 4,294,967,168. When converted to a string, the resulting value "4294967168" is too large to store in buf and is truncated by snprintf().
...
| Code Block | ||
|---|---|---|
| ||
int rc = 0;
unsigned int stringify = 0x80000000;
char buf[sizeof("256")];
rc = snprintf(buf, sizeof(buf), "%u", stringify >> 24);
if (rc == -1 || rc >= sizeof(buf)) {
/* handle error */ ;
}
|
Also, consider using the sprintf_s() function defined in ISO/IEC TR 24731-1 instead of snprintf() to provide some additional checks (see STR07-A. Use TR 24731 for remediation of existing string manipulation code).
...