From 5210b636853d7c8405fde569a79b080a681ab574 Mon Sep 17 00:00:00 2001 From: Casey Carter Date: Wed, 24 Apr 2024 15:11:40 -0700 Subject: [PATCH] Recommend `snprintf` over bugprone `_snprintf` `_snprintf` doesn't terminate the buffer when the format result is overlong, which is just asking for trouble; `snprintf` always terminates. We should recommend the latter to `sprintf` users. --- .../sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/c-runtime-library/reference/sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l.md b/docs/c-runtime-library/reference/sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l.md index 3f35c2902b2..960c47657c4 100644 --- a/docs/c-runtime-library/reference/sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l.md +++ b/docs/c-runtime-library/reference/sprintf-sprintf-l-swprintf-swprintf-l-swprintf-l.md 
@@ -103,7 +103,7 @@ The number of characters written, or -1 if an error occurred. If *`buffer`* or * The **`sprintf`** function formats and stores a series of characters and values in *`buffer`*. Each *`argument`* (if any) is converted and output according to the corresponding format specification in *`format`*. The format consists of ordinary characters and has the same form and function as the *`format`* argument for [`printf`](printf-printf-l-wprintf-wprintf-l.md). A null character is appended after the last character written. If copying occurs between strings that overlap, the behavior is undefined. > [!IMPORTANT] -> Using **`sprintf`**, there is no way to limit the number of characters written, which means that code using **`sprintf`** is susceptible to buffer overruns. Consider using the related function [`_snprintf`](snprintf-snprintf-snprintf-l-snwprintf-snwprintf-l.md), which specifies a maximum number of characters to write to *`buffer`*, or use [`_scprintf`](scprintf-scprintf-l-scwprintf-scwprintf-l.md) to determine how large a buffer is required. Also, ensure that *`format`* is not a user-defined string. +> Using **`sprintf`**, there is no way to limit the number of characters written, which means that code using **`sprintf`** is susceptible to buffer overruns. Consider using the related function [`snprintf`](snprintf-snprintf-snprintf-l-snwprintf-snwprintf-l.md), which specifies a maximum number of characters to write to *`buffer`*, or use [`_scprintf`](scprintf-scprintf-l-scwprintf-scwprintf-l.md) to determine how large a buffer is required. Also, ensure that *`format`* is not a user-defined string. > > Starting in Windows 10 version 2004 (build 19041), the `printf` family of functions prints exactly representable floating point numbers according to the IEEE 754 rules for rounding. In previous versions of Windows, exactly representable floating point numbers ending in '5' would always round up. 
IEEE 754 states that they must round to the closest even digit (also known as "Banker's Rounding"). For example, both `printf("%1.0f", 1.5)` and `printf("%1.0f", 2.5)` should round to 2. Previously, 1.5 would round to 2 and 2.5 would round to 3. This change only affects exactly representable numbers. For example, 2.35 (which, when represented in memory, is closer to 2.35000000000000008) continues to round up to 2.4. Rounding done by these functions now also respects the floating point rounding mode set by [`fesetround`](fegetround-fesetround2.md). Previously, rounding always chose `FE_TONEAREST` behavior. This change only affects programs built using Visual Studio 2019 version 16.2 and later. To use the legacy floating point rounding behavior, link with ['legacy_stdio_float_rounding.obj`](../link-options.md).
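Review bot: In the changed `[!IMPORTANT]` line, the new text still describes `snprintf` only as a function "which specifies a maximum number of characters to write to *`buffer`*", which was equally true of `_snprintf`, so the reason for the swap given in the commit message (`snprintf` always terminates the buffer, `_snprintf` does not when the format result is overlong) never reaches the reader of the documentation. Suggest adding a clause after the link, such as "and always null-terminates the result", so that readers do not treat the two functions as interchangeable. Separately, in the trailing context the link text ['legacy_stdio_float_rounding.obj`] opens with an apostrophe and closes with a backtick; that mismatch could be fixed in the same change.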