Index: contrib/netbsd-tests/lib/libc/stdio/t_printf.c
===================================================================
--- contrib/netbsd-tests/lib/libc/stdio/t_printf.c
+++ contrib/netbsd-tests/lib/libc/stdio/t_printf.c
@@ -120,12 +120,6 @@
 {
 	char s[16], fmt[32];
 
-#ifndef __NetBSD__
-	atf_tc_expect_signal(SIGSEGV,
-	    "some non-NetBSD platforms including FreeBSD don't validate "
-	    "negative size; testcase blows up with SIGSEGV");
-#endif
-
 	snprintf(fmt, sizeof(fmt), "%%%zu$d", SIZE_MAX / sizeof(size_t));
 
 	ATF_CHECK(snprintf(s, sizeof(s), fmt, -23) == -1);
Index: lib/libc/stdio/printf-pos.c
===================================================================
--- lib/libc/stdio/printf-pos.c
+++ lib/libc/stdio/printf-pos.c
@@ -113,6 +113,13 @@
 _ensurespace(struct typetable *types)
 {
 
+	/*
+	 * Validate sign first.
+	 * nextarg is 1-based argument index.
+	 */
+	if (types->nextarg <= 0)
+		return (-1);
+
 	if (types->nextarg >= types->tablesize) {
 		if (__grow_type_table(types))
 			return (-1);