**Document:** N1672

**Date:** 2013-02-11

## Defect Report #4nn

Previous Defect Report < - >
Next Defect Report

**Submitter:** Douglas Walls

**Submission Date:** 2013-02-11

**Source:**WG14

**Reference Document:** N1672

**Version:** 1.0

**Date:**

**Subject:** runtime-constraint issue with sprintf family of
routines in Annex K

**Summary**

snprintf_s (Annex K.3.5.3.5)

In the "Runtime-constraints" section, K.3.5.3.5p2 first sentence it
says:

"Neither s nor format shall be a null pointer. n shall neither
equal

zero nor be greater than RSIZE_MAX."

So,

if (n == 0
|| n > RSIZE_MAX)

/* runtime constraints violation */

This is clear. However the next paragraph K.3.5.3.5p3, says this
about "s":

"If there is a runtime-constraint violation, then if s is not a
null

pointer and n is greater than zero and less than RSIZE_MAX, then
the

snprintf_s function sets s[0] to the null character."

So, it takes action when (n < RSIZE_MAX)

if (s != NULL && n > 0 && n <
RSIZE_MAX)

s[0] = '\0';

Question here is, what if n equals RSIZE_MAX? Should we still
reset

s[0]?

If I were to say this looks like a typo, would WG14 agree with
me?

That is the text of K.3.5.3.5p3 should be:

If there is a runtime-constraint violation, then if s is not
a null

pointer and n is greater than zero and not greater than
RSIZE_MAX, then the

snprintf_s function sets s[0] to the null character.

This issue applies to all the sprintf family of routines in Annex
K
**Suggested Technical Corrigendum**

snprintf_s

Replace K.3.5.3.5p3 with:

If there is a runtime-constraint violation, then if s is not
a null

pointer and n is greater than zero and not greater than
RSIZE_MAX, then the

snprintf_s function sets s[0] to the null character.

sprintf_s

Replace K.3.5.3.6p3 with:

If there is a runtime-constraint violation, then if s is not
a null

pointer and n is greater than zero and not greater than
RSIZE_MAX, then the

sprintf_s function sets s[0] to the null character.

vsnprintf_s

Replace K.3.5.3.12p3 with:

If there is a runtime-constraint violation, then if s is not
a null

pointer and n is greater than zero and not greater than
RSIZE_MAX, then the

vsnprintf_s function sets s[0] to the null character.

vsprintf_s

Replace K.3.5.3.13p3 with:

If there is a runtime-constraint violation, then if s is not
a null

pointer and n is greater than zero and not greater than
RSIZE_MAX, then the

vsprintf_s function sets s[0] to the null character.

Previous Defect Report < - >
Next Defect Report