ref: 8eb3200286d523379295143ce3f44d77ce036d4b
parent: 565a1f08566520147a5abff5744dbcc256e5030c
author: Simon Howard <fraggle@gmail.com>
date: Tue Apr 1 16:43:45 EDT 2014
Replace all snprintf() calls with M_snprintf(). The Windows API has an _snprintf function that is not the same as Unix's snprintf(): if the string is truncated then no trailing NUL character is appended. This makes the function unsafe. Define a replacement/wrapper called M_snprintf that works the same but always appends a trailing NUL, for safety on Windows and other OSes that behave like this. Do the same thing for vsnprintf(), and update HACKING to list snprintf/vsnprintf as forbidden functions. This fixes #375; thanks to Quasar for pointing out the different behavior of these functions.