I was busy implementing a system for a client using C++ on Win32 when I had to use the sprintf function. As I knew it was insecure I looked up the function's details - only to be caught in an infinite web of evasion.
An exert from MSDN:
Security Note There is no way to limit the number of characters written, which means that code using sprintf is susceptible to buffer overruns. Consider using the related function _snprintf, which specifies a maximum number of characters to be written to buffer, or use _scprintf to determine how large a buffer is required. Also, ensure that format is not a user-defined string.
Ok fine - I then went to lookup the definition of _snprintf again at MSDN
But oh my! Look at what I found:
Security Note Ensure that format is not a user-defined string. This function does not guarantee NULL termination, so ensure it is followed by sz[ ARRAYSIZE(sz) - 1] = 0. For more information, see Avoiding Buffer Overruns.
FINE so I went and searched a bit more and found _snprintf_s here.
Finally! What a mission...