I've just discovered that the C implementation I'm working with at the moment, writes one extra character in its snprintf output. The bug was difficult to find, as I use snprintf(NULL, 0, .....) to find the length in advance, so on this platform it caused a byte to be written to a null pointer, which on this platform has the effect that it locks up and restarts about 5 seconds later (running otherwise correctly in the meantime).
Now you could say that snprintf is entitled to do what it likes, because the platform doesn't purport to comply with C99. But I still don't think it's great that a platform should have a version that is at odds with a standardised snprintf. Is this very common?
Previously I had my code use the system sprintf family if they were present, and otherwise use an in-house implementation -- but now I think I should use the latter exclusively, just to avoid trouble like this cropping up.