>> cp += snprintf(...)
> Maybe people shouldn't do that at all.  No need to have a
> cp += safe_sprintf() because the code is still wrong in the buffer
> overflow case: if it returns 0, future uses of cp will be wrong.

Is that wrong?  I don't see anything wrong with it, at least not when
the desired effect is to truncate too-long strings.  (I've been
assuming - for example, in the code I sent to the list a little bit
back - that safe_snprintf should return the number of characters
actually written, so it won't return zero unless there is no more space
left.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B