I have a small char array (let's say 10 bytes) that I want to pass into sprintf(). What happens if sprintf() pushes too much onto that array? Here's an example of how to reproduce this:

This will crash with a SEGFAULT (so if you run it, do it through a debugger). Apparently, sprintf() is unsafe and "keeps going until it's done" but doesn't do any bounds checking.

Is there a "safe" sprintf() function, like sprintnf() that I can use to ensure that I don't exceed a specified size?

Of course, because you don't tell it how big its bounds are (it's not psychic).

snprintf
Or using that other OS that doesn't like to play by everyone else's standards: _snprintf or sprintf_s.

Perfect. Thanks, KC!

I personally like using the return value of snprintf, and passing NULL to the string arg so it just calculates the total length, and then allocating a properly sized buffer to do it again.

Another option is to use GCC's asprintf. It allocates the buffer for you.

Uhh... you're using iostream and sprintf? Why???

Use #include <strstream>

O_o

    char* buf = NULL;
    int len = 0;

    len = snprintf(buf, 0, "foo");
    buf = (char*)malloc(len+1);
    len = snprintf(buf, len, "foo");

    char* buf = NULL;
    int len = 0;

    len = snprintf(buf, 0, "foo");
    buf = (char*)malloc(len);
    len = snprintf(buf, len, "foo");

pretty much, though I'd do it like so:

    char* buf = NULL;
    int len = 0;

    len = snprintf(NULL, 0, "foo");
    buf = (char*)malloc(len+1);
    snprintf(buf, len, "foo");

Just to be obvious about the NULL bit.

Stringstream = better.

Is there a sprintf()-style function available for std::string? If so, you wouldn't need to worry about memory allocation/deallocation or string length.

Does std::stringstream allow you to do this?

Though you get problems trying to use it in C.

OnlineCop: yes.