Correctly Printing STAFString
By Susam Pal on 04 Jun 2010
  At RSA, we use Software
  Testing Automation Framework (STAF) to automate testing our
  products.  Recently, I ran into a bug that occurred due
  to STAFResult::STAFString not being null-terminated.
  Here is an example C++ program that demonstrates the issue:
#include <iostream>
#include <string>
using namespace std;
#include "STAF.h"
#include "STAFString.h"
int main(int argc, char **argv)
{
    STAFString name("foo");
    STAFHandlePtr handle;
    int rc = STAFHandle::create(name, handle);
    if (rc != 0) {
        std::cerr << "Could not create STAF handle; error code: "
                  << rc << endl;
        return 1;
    }
    STAFResultPtr result = handle->submit("127.0.0.1", "VAR",
                                          "RESOLVE STRING {STAF/Env/DUMMY}");
    if (result->rc != 0) {
        std::cerr << "Could not run STAF command; error code: "
                  << rc << "\n";
        return 1;
    }
    STAFString output = result->result;
    std::cout << "Output: " << output.buffer() << "\n";
}
Here is an example output of the above program:
C:\>echo %DUMMY% Why__does__it__break C:\>STAFExperiments.exe Output: Why__does__it__break/Env/DUMMY}}
  The substring /Env/DUMMY at the end of the output is
  garbage.  The result is not null-terminated in the output buffer.
  Here is the correct way to print the output:
std::cout << "Output: " << string(output.buffer(), output.length()) << "\n";