Bruce Momjian <pgman@candle.pha.pa.us> writes:
> I guess the question is where there are tons more. If not, I think it
> would be wise to just clean it up so any future uses will look out of
> place.
Should I point out that Neil already managed to break the regression
tests on the eve of an emergency patch-release with a completely
unnecessary snprintf-ization of show_datestyle?
There *are* risks in changing working code, and while those risks may be
small, I don't see the point of taking them in places where the benefit
is provably zero. If it's not obvious that a sprintf or similar can't
overflow its buffer, then by all means make it snprintf instead. But
I don't hold with the idea that sprintf is ipso facto bad.
regards, tom lane
