sizeof(wchar_t)

Buffer overflows aren't fun. This is why I always (when not using some more advanced interface) use something like this;

...

char buff[32];
snprintf(buff, sizeof(buff), "a=%d b=%s", a,b);

...

Unfortunately this doesn't work too well when you transition to wide chars;

...

wchar_t buff[32];
_snwprintf(buff, sizeof(buff), ...)

... 

Note the second parameter. It should be number of characters, and not bytes as returned by sizeof. So that previously good old habit is now causing potential buffer overflow, not preventing it ...