Sì. Citando man sprintf
Because sprintf() and vsprintf() assume an arbitrarily long string, callers must be careful not to overflow the actual space; this is often
impossible to assure. Note that the length of the strings produced is
locale-dependent and difficult to predict. Use snprintf() and
vsnprintf() instead (or asprintf(3) and vasprintf(3)).