"Secure coding" audit checkers and Kerberos

John Hascall john at iastate.edu
Wed Oct 15 17:23:54 EDT 2008


> >   2) there are some horrible snprintf's out there,
> >      including ones which do little more than call sprintf!

> What platforms are these on?  I think that we do not want to go to
> extreme lengths working around vulnerabilities in OS C libraries.

See https://BuildSecurityIn.us-cert.gov/daisy/bsi-rules/home/g1/838-BSI.html

John
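
A build-time probe for the kind of snprintf described in the quoted text above (one that ignores its size argument), as an added example that is not part of the original message or of the Kerberos source. The function name `snprintf_honours_bound`, the guard byte and the scratch-buffer size are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GUARD   0x5A   /* fill byte used to detect stray writes (assumed) */
#define SCRATCH 64     /* scratch size; input must be shorter than this   */

/*
 * Returns  1 if the platform snprintf respects `bound`, NUL-terminates
 *            and reports the C99 would-be length,
 *          0 if it wrote past the bound or misreported (sprintf-like),
 *         -1 if the arguments cannot be tested safely.
 */
int snprintf_honours_bound(const char *input, size_t bound)
{
    char buf[SCRATCH];
    size_t len, kept, i;
    int ret;

    if (input == NULL || bound == 0 || bound > SCRATCH)
        return -1;
    len = strlen(input);
    if (len >= SCRATCH)          /* keep even an unbounded write in buf */
        return -1;

    memset(buf, GUARD, sizeof(buf));
    ret = snprintf(buf, bound, "%s", input);

    /* Characters that a correct snprintf may store before the NUL. */
    kept = (len < bound - 1) ? len : bound - 1;

    if (memcmp(buf, input, kept) != 0 || buf[kept] != '\0')
        return 0;                /* wrong content or not terminated */
    for (i = kept + 1; i < sizeof(buf); i++)
        if ((unsigned char)buf[i] != GUARD)
            return 0;            /* wrote beyond the terminator */
    if (ret != (int)len)
        return 0;                /* pre-C99 return value */
    return 1;
}

int main(void)
{
    /* Constructed input: 26 characters against an 8-byte bound. */
    int ok = snprintf_honours_bound("abcdefghijklmnopqrstuvwxyz", 8);
    printf("snprintf bounded: %s\n", ok == 1 ? "yes" : "no");
    return ok == 1 ? 0 : 1;
}
```

A nonzero exit status from a configure-time run of this probe is the signal to link a replacement snprintf rather than trust the C library's.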



More information about the krbdev mailing list