>>I'd rather pay the expense of such a check than having memory
>>corrupted.

>	if 2nd arg to snprintf() is smaller than required space, snprintf()
>	would leave truncated string as a result.

Sure, but as previously noted, snprintf in that case, still returns the
amount of space _required_ which makes usage like:

cp += snprintf(...)

very dangerous - which is a shame since its logically appealing.
The solution I mentioned of using an snprintf wrapper that returns 0
in the truncation case - or better yet for the kernel - panic'd
would allow 

cp += safe_snprintf(...)

to be used freely without littering the entire kernel with if's and/or 
#ifdef's.

Thanks
--sjg