fmt reads memory past the string width specified

[madscientist]

When building my code with ASAN I discovered that fmt will read memory past the number of bytes specified by the string width field.

Godbolt: https://godbolt.org/z/cTbKGfT9G

If I replace the string width specifier with just "{}" then construct a std::string_view() instead, it works without reading past memory.

If it's required that a buffer must be nul-terminated even if a length restriction is provided, please make that clear in the documentation.

[vitaut]

Precision is not suitable for this, clarified in 3014b3d.

[madscientist]

That's fine but I'm pretty sure that printf's %s does not read more than width bytes and the string is not required to be nul-terminated. I didn't check to see whether fmt::printf() follows this or not.

Also it's a bit unfortunate from a performance perspective that the entire string needs to be scanned only to print a few characters. I guess string_view helps here, although if you want the full printf %s capability of "write N bytes or stop at the first nul byte if there is one" you'll have to do extra work on your own.

[vitaut]

As you've already found out a proper (and efficient) way to do this is to use string_view. Precision is not suitable for this because it's not measured in code units. It sort of works in printf but mainly because precision has wrong semantics there and they don't have string views.