> There's already something wrong here -- if spec contains bad UTF then buf will overflow all the time.
that's a good gotcha! i'd have naively assumed that sprint(buf, "%s", s) was equivalent to strcpy(buf, s). i wonder how many other bits of code are potentially broken because of this.