itojun@iijlab.net writes:

> >> Module Name:	src
> >> Committed By:	itojun
> >> Date:		Tue Apr 15 07:40:57 UTC 2003
> >> 
> >> Modified Files:
> >> 	src/bin/sh: options.c
> >> 
> >> Log Message:
> >> %d is 12 chars, not 10 chars.  hinted by deraadt
> >
> >If security is a concern in this change, please consider doing this in
> >a sustainable way.  int won't break the 32-bit barrier before long,
> >but rest assured it will.
> 
> 	hmm, to make sure we need to use asprintf() every place possible.
> 	conversion to snprintf() is not enough.

Another, more efficient way to address this is the use of fixed-width
integer types, where appropriate.  However, in this particular case
(pedant's hat on) the use of int is wrong as it is used to hold the
result of a pointer subtraction.


- Klaus