Similar comments here:
> Hi,
>
> Another attempt to be helpful. This removes %n from brltty.
> Compiles, but untested due to I don't have a braille device.
>
> +@@ -87,8 +87,9 @@ describeCommand (int command, char *buffer, int size)
> + candidate->name, number, candidate->description);
> + } else {
> + int offset;
> +- snprintf(buffer, size, "%s: %n%s",
> +- candidate->name, &offset, candidate->description);
> ++ offset = snprintf(buffer, size, "%s: %s",
> ++ candidate->name, candidate->description);
> ++ offset -= strlen(candidate->description);
You can remove the %n%s from the tail of the format string, and
calculate offset directly:
offset = snprintf(buffer, size, "%s: ", candidate->name, &offset);
After checking offset isn't -1 or an overflow (which the code
currently does not do), then append the description into the buffer:
snprintf(buffer + offset, size - offset, "%s", candidate->description);
And if the offset bounds check is added, how could an upstream say no to
accepting a diff which handles a string truncation better?
