feat: safe sscanf

[ColinKYuen]

Summary

Replaces the usages of sscanf() for a safer implementation

Description

For character strings, the standard library uses the convention that strings are null-terminated: a string of n characters is represented as an array of n + 1 elements, the last of which is a NUL character ('\0'). For input conversion to various types, the C library provides the scanf() function family. The scanf() family of functions scans input according to supplied format string. This format may contain conversion specifications; the results from such conversions, if any, are stored in the locations pointed to by the pointer arguments that follow format. Each pointer argument must be of a type that is appropriate for the value returned by the corresponding conversion specification. scanf() also does not check the bounds of the inputs and may cause buffer overflows.

Testing

The regression tests have been built on

• Windows 11, 24H2
• Linux, Ubuntu 24
• & M4 Max Mac, Sequoia 15.3.2

The test results match what is currently on mainline