https://bugs.exim.org/show_bug.cgi?id=1801
--- Comment #3 from Philip Hazel <p...@hermes.cam.ac.uk> --- Yes, I suspected that might happen. I have committed another patch that I think will fix the issue and give the same output for buffer overflows, whether or not there is a binary zero at the end of the buffer. Incidentally, I think your snprintf() is buggy. This is what I see in a version of the C99 standard that I've got (called C99.2007.pdf): The snprintf function is equivalent to fprintf, except that the output is written into an array (specified by argument s) rather than to a stream. If n is zero, nothing is written, and s may be a null pointer. Otherwise, output characters beyond the n-1st are discarded rather than being written to the array, and a null character is written at the end of the characters actually written into the array. If copying takes place between objects that overlap, the behavior is undefined. That seems to state quite clearly that a null character is written in the event of buffer overflow. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/pcre-dev