[R-pkg-devel] replacements of sprintf in compiled code
Duncan Murdoch
murdoch@dunc@n @end|ng |rom gm@||@com
Sat Jan 21 11:27:03 CET 2023
On 21/01/2023 5:15 a.m., Holger Hoefling wrote:
> Hi,
>
> In my recent re-submission with a bug-fix of the hdf5r package, I got a new
> set of warnings from the compiler, one being that I shouldn't be using
> 'sprintf'.
>
> Is there a simple replacement that I can use?
You should use snprintf() which has an extra argument to state the size
of the buffer receiving the string. For example,
char text[32];
sprintf(text, "%.4g", value);
could be written as
char text[32];
snprintf(text, 32, "%.4g", value);
This will write a string with at most 31 characters before the NUL at
the end, and avoids the possibility of a buffer overrun.
Duncan Murdoch
More information about the R-package-devel
mailing list