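#include <stdio.h>
#include <string.h>
#include <stdlib.h>

int main(int argc, char ** argv)
{
    char buf[32];

    /* Fill with non-zero bytes so a missing terminator is detectable. */
    memset(buf, 0xFF, 32);

    /* A conforming snprintf writes 15 characters and a NUL at buf[15]. */
    snprintf(buf, 16, "%s", "1234567890ABCDEFabcdef");

    if (buf[15])
    {
        /* 'F' is the 16th source character: the buffer was filled with no NUL. */
        if (buf[15] == 'F')
            printf("DANGER!!!\n");
        else
            printf("FAILED\n");
    }
    else
        printf("OK\n");

    return 0;
}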

A seemingly innocuous bug reported by bobc turns out to be a real security problem: "snprintf" on Windows (at least w/ the TDM Mingw32 compiler) ignores the buffer length, and does not NUL terminate. If you have a C compiler, please run the following code through it and let me know for your OS and compiler versions, whether or not the result is "OK". The TDM compiler on Windows gives "DANGER", which is truly a danger:
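One way to guard callers against the behaviour the test program detects, shown as an added example that is not part of the original post: a wrapper that terminates the buffer itself and reports truncation. The name checked_snprintf and its return convention are assumptions, and it only covers a runtime that fills the buffer without a NUL, not one that writes past the given size.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wrapper (name and return codes are assumptions, not from the
 * post): returns 0 if the output fit, 1 if it was truncated or formatting
 * failed, -1 on invalid arguments. dst is always NUL-terminated on 0 or 1. */
static int checked_snprintf(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || size == 0 || fmt == NULL)
        return -1;

    va_start(ap, fmt);
    n = vsnprintf(dst, size, fmt, ap);
    va_end(ap);

    /* Terminate unconditionally: a conforming libc has already done so,
     * a runtime that leaves buf[size - 1] non-zero has not. */
    dst[size - 1] = '\0';

    /* C99 returns the untruncated length; some older runtimes return a
     * negative value on truncation. Treat both as "did not fit". */
    if (n < 0 || (size_t)n >= size)
        return 1;
    return 0;
}

/* The post's probe, run through the wrapper. Returns 1 when truncation is
 * reported and buf[15] holds the terminator. */
static int probe_terminated(void)
{
    char buf[32];
    int rc;

    memset(buf, 0xFF, sizeof buf);
    rc = checked_snprintf(buf, 16, "%s", "1234567890ABCDEFabcdef");
    return rc == 1 && buf[15] == '\0' && strcmp(buf, "1234567890ABCDE") == 0;
}

int main(void)
{
    printf("%s\n", probe_terminated() ? "OK" : "DANGER!!!");
    return 0;
}
```

Callers should treat a return of 1 as an error rather than silently using the shortened string.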