Vulnerability Development mailing list archives

Microsoft _snprintf stack overflow (note n)


From: "George Datuashvili" <gdatuashvili () siebel com>
Date: Tue, 12 Mar 2002 10:33:28 -0800

The following code just crashes:

#include <stdio.h>
void main()
{
   char buf[32];
   _snprintf (buf, 10, "%*.*d", 0, 22222222, 0);
}

A search for ASCII and Unicode %*.* and %.* strings in system32\*.dll reveals
quite a few DLLs that use those patterns. I wonder if the actual precision value
can be supplied by end users...
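
Added example, not part of the original post: one way to keep a caller-supplied width or precision from reaching the formatter unchecked, by validating both at the call site and treating truncation as an error. The names format_int_checked and MAX_FIELD and the limit of 64 are assumptions made for illustration, and the code uses the standard C99 snprintf rather than Microsoft's _snprintf.

```c
#include <stdio.h>
#include <string.h>

/* Assumed policy: no integer field in this program needs more than 64
   columns. Pick a limit that matches your own output formats. */
#define MAX_FIELD 64

/* Format `value` with a caller-supplied width and precision ("%*.*d").
   Returns 0 on success, -1 if an argument is out of policy, -2 if the
   result did not fit in dst. On any failure dst holds an empty string,
   so callers never see partial or unterminated data. */
int format_int_checked(char *dst, size_t dstsz, int width, int precision,
                       int value)
{
    int n;

    if (dst == NULL || dstsz == 0)
        return -1;
    dst[0] = '\0';

    /* A negative width means "left-justify in |width| columns"; compare
       against both bounds instead of negating, so INT_MIN is safe. */
    if (width > MAX_FIELD || width < -MAX_FIELD)
        return -1;
    /* A negative precision means "precision omitted"; cap the top only. */
    if (precision > MAX_FIELD)
        return -1;

    n = snprintf(dst, dstsz, "%*.*d", width, precision, value);
    if (n < 0 || (size_t)n >= dstsz) {   /* encoding error or truncation */
        dst[0] = '\0';
        return -2;
    }
    return 0;
}

int main(void)
{
    char buf[32];
    int rc;

    /* The arguments from the post are rejected before any formatting. */
    rc = format_int_checked(buf, 10, 0, 22222222, 0);
    printf("post arguments: rc=%d len=%zu\n", rc, strlen(buf));
    rc = format_int_checked(buf, sizeof buf, 0, 5, 42);
    printf("in-policy call: rc=%d buf=[%s]\n", rc, buf);
    return 0;
}
```

When porting this to _snprintf, note that it does not NUL-terminate the buffer when the output is truncated, so the truncation branch has to terminate dst itself, as this wrapper does.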

