With dtostrf you get to specify how many digits to display.
I don't think that is true. If I remember correctly, you can only specify minimum size or digits. There is no maximum. I'm pretty sure I've run into what he's found and its not obvious how to shield yourself from this problem. 999--99.0 is one thing, but another is the 1.0000000009 kind of thing. That also will blow up your string buffer.
Granted I was coding a teensy when I ran into this, so maybe the Arduino itself handles this better?
-jim lee