On Sat, Apr 19, 2025 at 01:40:11PM +0200, Thorsten Blum wrote: > Replace sprintf() with the safer variant scnprintf() and use its return > value instead of calculating the string length again using strlen(). > > Use strscpy() instead of the deprecated strcpy().
FWIW, an idiomatic variant would be
size = snprintf(NULL, 0, <....>);
buffer = <allocate size + 1 bytes>
if succeeded
snprintf(buffer, size + 1, <....>);
