PR #29 reveals use of functions like sprintf; this is now considered bad practice unless otherwise unavoidable (in which case a comment should be there to provide insight into why it's unavoidable) and snprintf should be used instead.
As part of the code audit and updates we should move from the various unsafe functions to safe functions and document where we can't (which should IMHO be very very few cases).
I'll be glad to help with this once I finish with the other tasks
Related to #168
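The sprintf-to-snprintf replacement the issue asks for, as an added example (not code from this project): the unsafe pattern is kept only as a comment, the bounded form sits beside it, and a caller checks the return value so a truncated result is never used silently. The function names, LINE_MAX and the "user=... id=..." format are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define LINE_MAX 32   /* assumed buffer size for this example */

/* Result codes for the bounded formatter. */
enum fmt_status { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = 2 };

/* Unsafe pattern the audit replaces: sprintf never learns how large
 * dst is, so a name longer than the buffer overflows it.
 *
 *     char line[LINE_MAX];
 *     sprintf(line, "user=%s id=%d", name, id);   // no bound on %s
 *
 * The replacement passes the buffer size AND checks the return value;
 * the check is the part most sprintf->snprintf conversions forget. */
enum fmt_status format_user_line(char *dst, size_t dst_len,
                                 const char *name, int id)
{
    if (dst == NULL || dst_len == 0)
        return FMT_ERROR;

    /* snprintf writes at most dst_len-1 bytes plus the terminator and
     * returns the length the full, untruncated string would have had. */
    int n = snprintf(dst, dst_len, "user=%s id=%d", name, id);

    if (n < 0) {
        dst[0] = '\0';            /* encoding error: keep dst well formed */
        return FMT_ERROR;
    }
    if ((size_t)n >= dst_len)     /* output did not fit: dst is truncated */
        return FMT_TRUNCATED;
    return FMT_OK;
}

/* Caller that rejects truncated output instead of using it.
 * Returns the number of bytes written, or -1 on truncation or error. */
int build_user_line(char *dst, size_t dst_len, const char *name, int id)
{
    if (format_user_line(dst, dst_len, name, id) != FMT_OK)
        return -1;
    return (int)strlen(dst);
}
```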