manual: document snprintf truncation better

author Paul Eggert <eggert@cs.ucla.edu>

Sat, 8 Apr 2023 20:51:26 +0000 (13:51 -0700)

committer Paul Eggert <eggert@cs.ucla.edu>

Sat, 8 Apr 2023 20:53:22 +0000 (13:53 -0700)
author Paul Eggert <eggert@cs.ucla.edu>
Sat, 8 Apr 2023 20:51:26 +0000 (13:51 -0700)
committer Paul Eggert <eggert@cs.ucla.edu>
Sat, 8 Apr 2023 20:53:22 +0000 (13:53 -0700)
diff --git a/manual/stdio.texi b/manual/stdio.texi

index c502a21036ef3566b407375d8556746fdfa77188..3820a24f3e164f7536299c5ac01ab0c69df6fe0a 100644 (file)
--- a/manual/stdio.texi
+++ b/manual/stdio.texi
@@ -2439,7 +2439,10 @@ If @var{size} is zero, nothing, not even the null byte, shall be written and
  The return value is the number of characters which would be generated
  for the given input, excluding the trailing null.  If this value is
  greater than or equal to @var{size}, not all characters from the result have
-been stored in @var{s}.  You should try again with a bigger output
+been stored in @var{s}.  If this happens, you should be wary of using
+the truncated result as that could lead to security, encoding, or
+other bugs in your program (@pxref{Truncating Strings}).
+Instead, you should try again with a bigger output
  string.  Here is an example of doing this:
  
  @smallexample
author	Paul Eggert <eggert@cs.ucla.edu>
	Sat, 8 Apr 2023 20:51:26 +0000 (13:51 -0700)
committer	Paul Eggert <eggert@cs.ucla.edu>
	Sat, 8 Apr 2023 20:53:22 +0000 (13:53 -0700)