> On June 10, 2016 at 2:38 AM Andrew Gregory <andrew.gregor...@gmail.com> wrote: > strlen doesn't count the terminating NUL, so strlen(x) + 1 is at most > the size of the array, which by definition has to fit into a size_t.
Then take the typical "len = strlen(a) + strlen(b) + 1" followed by malloc and snprintf. And check your typical strlen implementation which would have to be a strnlen with SIZE_MAX then. These implementations are not around. For good reasons.
