A simple text search
of the source would have revealed an unsafe use of the function, known to be bad news for decades now.
Total Irresponsibility To Show Usual Prudence. I've used your approach myself along with a couple of other trivial tricks to totally prevent stack corruption - since long before the big issue was someone malicious trying to do it.
I mean, that should have been proactively searched for and fixed quite a long time ago....that's plain irresponsible, it wouldn't take a whole dev-day to do all their source that way....unless their system is really an example of utter borkage.
Either way, it's a sign you should vote with your wallet. No, of course.