I am using snprintf like this to avoid a buffer overrun:
char err_msg[32] = {0};
snprintf(err_msg, sizeof(err_msg) - 1, "[ ST_ENGINE_FAILED ]");
I added the -1 to reserve space for the null terminator in case the string is more than 32 bytes long.
Am I correct in my thinking?
Platform:
As others have said, you do not need the -1 in this case. If the array is fixed size, I would use strncpy instead. It was made for copying strings - sprintf was made for doing difficult formatting. However, if the size of the array is unknown or you are trying to determine how much storage is necessary for a formatted string. This is what I really like about the Standard specified version of snprintf:
char* get_error_message(char const *msg) {
int e = errno;
size_t needed = snprintf(NULL, 0, "%s: %s (%d)", msg, strerror(e), e);
char *buffer = malloc(needed+1);
if (buffer) sprintf(buffer, "%s: %s (%d)", msg, strerror(e), e);
return buffer;
}
Combine this feature with va_copy and you can create very safe formatted string operations.