The Austin group has clarified in <http://www.opengroup.org/austin/docs/austin_454.txt> the specification of memchr: "Implementations shall behave as if they read the memory byte by byte from the beginning of the bytes pointed to by s and stop at the first occurrence of c." So passing a too large size to memchr() is ok. The bug in is memchr(). Bruno