sprintf not allowed in compiled code for R >= 4.3

[adokter]

After upgrading from R 4.2.2 to the latest R 4.3.0, a new warning message is thrown by devtools::check(). Since CRAN does not allow any warnings, this currently blocks CRAN release

   File ‘vol2birdR/libs/vol2birdR.so’:
     Found ‘___sprintf_chk’, possibly from ‘sprintf’ (C)
       Objects: ‘./libvol2bird/librender.o’, ‘./libvol2bird/librsl.o’,
         ‘./libvol2bird/libvol2bird.o’, ‘./librave/composite.o’,
         ‘./librave/lazy_nodelist_reader.o’, ‘./librave/rave_data2d.o’,
         ‘./librave/rave_debug.o’, ‘./librave/rave_gra.o’,
         ‘./librave/rave_hlhdf_utilities.o’, ‘./libhlhdf/hlhdf.o’,
         ‘./libhlhdf/hlhdf_debug.o’, ‘./libhlhdf/hlhdf_read.o’
     Found ‘___vsprintf_chk’, possibly from ‘vsprintf’ (C)
       Objects: ‘./librave/rave_debug.o’, ‘./libhlhdf/hlhdf_debug.o’
     Found ‘_sprintf’, possibly from ‘sprintf’ (C)
       Objects: ‘./libvol2bird/librsl.o’, ‘./libvol2bird/libvol2bird.o’,
         ‘./librave/detection_range.o’, ‘./librave/rave_data2d.o’,
         ‘./librave/rave_io.o’, ‘./libhlhdf/hlhdf_read.o’

   Compiled code should not call entry points which might terminate R nor
   write to stdout/stderr instead of to the console, nor use Fortran I/O
   nor system RNGs nor [v]sprintf.

[adokter]

See https://www.tidyverse.org/blog/2023/03/cran-checks-compiled-code/

The use of sprintf and vsprintf from C/C++ has been deprecated in macOS 13 and is a known security risk. R CMD check now reports (on all platforms) if their use is found in compiled code: replace by snprintf or vsnprintf respectively.

[adokter]

This affects librave, libhlhdf, and libvol2bird

[adokter]

fixed by commits 84f0bbcf50cad4c61d3c04d65999d32512f0d84c, 4c2cf2b5e3cdec83b2df25cda32e6e7ca6668241, and 3368cf90890d05215fa0ff025859e647f6230864