* Jeff Law: >>>> sprintf(buf, "%s %d", buf, x);
>> Or we could make this well-defined because it is such a useful >> extension. > That just encourages developers to write non-portable code. I'd > rather see this kind of thing halt the program in its tracks before > wandering into the realm of undefined or implementation defined > behavior. But then the programmer will likely write something like this: sprintf(buf + strlen (buf), "%d", x); Or perhaps even: snprintf(buf + strlen (buf), sizeof (buf), "%d", x); (This passes an incorrect size.) As far as I can tell, this idiom currently prevents __builtin_object_size from providing useful data and makes us lose fortify protection, while Bernd's original code has it.
