...
However, this implementation assumes that the values of the struct tm data in timeptr are within normal ranges , and does nothing to enforce this. If any of the values print more characters than expected, the sprintf() function may overflow the result array. For instance, if tm_year has the value 12345, then 27 characters (including the terminating null character) are printed, resulting in a buffer overflow.
...