When the number of characters is > INT_MAX, printf doesn't return the number of
output characters. The C standard seems to be silent on this point and the
current glibc manual and printf(3) man page are also silent. The following
program was tested on a Debian/etch x86_64 machine:
#define N 2147483648
#define STRINGIFY(S) #S
#define MAKE_STR(S) STRINGIFY(S)
#define SN MAKE_STR(N)
int main (void)
ret = printf ("%" SN "d%" SN "d", 1, 1);
fprintf (stderr, "ret = %d\n", ret);
$ ./ret-printf | wc -c
ret = 0
I don't know how such cases should be handled, but returning a non-negative
value different from the number of output characters is incorrect.
Moreover, printf doesn't handle field widths larger than 2^31.
I found the following with Google:
"In addition, snprintf() will fail if:
[EOVERFLOW] The value of n is greater than INT_MAX
or the number of bytes needed to hold
the output excluding the terminating
null is greater than INT_MAX."
This is also in a recent POSIX draft (I haven't checked the latest).
Overflow check is in cvs.