← Back to context

Comment by saagarjha

2 years ago

1. This returns an int.

2. This is inefficient in a similar way that strlcpy is: it does more work than the size of the buffer.

4 comments

saagarjha

Reply
jstimpfle  2 years ago

1. This is only slightly less irrelevant than "this returns a size_t" if that were so.

2. You have the option to provide the length, snprintf(buf, sizeof buf, "%.*s%.*s", len1, str1, len2, str2);

If you're bottlenecked by snprintf (hint: you aren't) then snprintf isn't your API anyway. Write some more custom code, probably some memcpy's etc.

  • saagarjha  2 years ago

    For 1: returning an int means that you get some unspecified behavior on overflow. For 2 then you need to call strlen yourself which kind of defeats the point of using snprintf because you can just use memcpy instead.

    • jstimpfle  2 years ago

      For 2: No you don't? There is no reason to fault snprintf() if you didn't already know the length of the string.

      And when you do know the lengths, no, there absolutely is a reason to use snprintf -- convenience. snprintf(buf, sizeof buf, "%s/%s", dirpath, filename); is much easier to write than an equivalent sequence of manual copies with temporary index variables and pointer arithmetic.

      Same for snprintf(buf, sizeof buf, "%.*s/%.*s", dirlen, dirpath, filelen, filename); if you really cared about squeezing the last drop from the API.

      For 1: Then don't overflow. It's not practical to process strings that big to allow a 32-bit overflow (or 16-bit overflow, on a 16-bit system), so it's unlikely anybody here has ever been in that situation anyway.

      Apart from that I'm not so sure that the API is specified to allow overflow to happen. It's probably an under-specified area of the contract, but I would first check that the result couldn't be -1 for example.

      Apart from that, what would be the reasonable specification in case of size_t overflow that would result in a controllable situation?

      Sometimes I think, C being probably better formalized than any other language is also a big reason for it being criticized so much. Language nerds just love to take the specs and try to shred it on theoretic grounds without any consideration of the practical.

      1 reply →