The printf-stdarg.c file distributed with FreeRTOS contains a snprintf() implementation that silently drops the ‘count’ parameter. That is, it is less safe than the normal sprintf() call since most users won’t be aware of this ‘feature’ and might take less care of buffer overflow potential than if they were forced to use sprintf(). It is difficult to overstate how bad this is. At a minimum, I would suggest that the snprintf function is either removed from the source or has a #warning show on compile.
I appreciate that printf-stdarg.c is a third-party file and only used in the demos. Nevertheless, it is included with the FreeRTOS distribution and recommended in the FreeRTOS Reference Manual. I suspect that most users would assume that it is up to the quality of other FreeRTOS code, and be completely oblivious as to the potential problem its use could cause.
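To make the hazard concrete, here is an added example that is not code from the post, from printf-stdarg.c or from FreeRTOS. It contains a hypothetical minimal formatter (only %s, %d and %% are supported) driven by two front ends: bounded_snprintf() honours the count argument the way C99 snprintf() does, while count_dropping_snprintf() accepts the count and never consults it, which is the failure mode the post describes. Rather than overflowing a real 8-byte array (undefined behaviour), neighbour_clobbered() lends an 8-byte slice of a larger arena to the formatter and inspects the bytes after it; that arena and the "uptime" sample string are constructed for the demonstration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Output sink: a character is stored only while it fits below cap-1, so
 * room for the terminating NUL is always kept; every character is counted. */
typedef struct {
    char *out;
    size_t cap;   /* capacity honoured by the sink */
    size_t len;   /* characters the complete output would need */
} sink_t;

static void put(sink_t *s, char c)
{
    if (s->cap != 0 && s->len < s->cap - 1)
        s->out[s->len] = c;
    s->len++;
}

static void put_int(sink_t *s, int v)
{
    char tmp[12];
    size_t n = 0;
    unsigned u;
    if (v < 0) { put(s, '-'); u = (unsigned)(-(v + 1)) + 1u; }  /* safe for INT_MIN */
    else       { u = (unsigned)v; }
    do { tmp[n++] = (char)('0' + u % 10); u /= 10; } while (u);
    while (n) put(s, tmp[--n]);
}

/* Hypothetical minimal formatter: %s, %d and %% only. Returns the length the
 * full output needs, like C99 snprintf, and NUL-terminates when cap > 0. */
static int vformat(sink_t *s, const char *fmt, va_list ap)
{
    for (; *fmt; fmt++) {
        if (*fmt != '%') { put(s, *fmt); continue; }
        fmt++;
        switch (*fmt) {
        case 's': { const char *p = va_arg(ap, const char *); while (*p) put(s, *p++); break; }
        case 'd': put_int(s, va_arg(ap, int)); break;
        case '%': put(s, '%'); break;
        default:  put(s, '%'); if (*fmt) put(s, *fmt); else fmt--; break;
        }
    }
    if (s->cap != 0) {
        size_t end = s->len < s->cap - 1 ? s->len : s->cap - 1;
        s->out[end] = '\0';
    }
    return (int)s->len;
}

/* Bounded: writes at most cap-1 characters plus the NUL. */
int bounded_snprintf(char *out, size_t cap, const char *fmt, ...)
{
    sink_t s = { out, cap, 0 };
    va_list ap; va_start(ap, fmt);
    int r = vformat(&s, fmt, ap);
    va_end(ap);
    return r;
}

/* Count-dropping: the signature promises a bound, the body ignores it, so
 * this is sprintf() wearing snprintf()'s clothes. */
int count_dropping_snprintf(char *out, size_t cap, const char *fmt, ...)
{
    (void)cap;                              /* the post's complaint, in one line */
    sink_t s = { out, (size_t)-1, 0 };      /* effectively unlimited */
    va_list ap; va_start(ap, fmt);
    int r = vformat(&s, fmt, ap);
    va_end(ap);
    return r;
}

/* A 32-byte arena (constructed) stands in for an 8-byte buffer followed by a
 * neighbouring object filled with 'X'. Returns non-zero if fn wrote past the
 * 8 bytes it was told it had. "uptime=123456" needs 13 characters plus NUL. */
int neighbour_clobbered(int (*fn)(char *, size_t, const char *, ...))
{
    char arena[32];
    memset(arena, 'X', sizeof arena);
    fn(arena, 8, "%s=%d", "uptime", 123456);
    return arena[8] != 'X';
}

/* The C99 return value is the check callers need: >= cap means truncated. */
int bounded_return_value(void)
{
    char buf[8];
    return bounded_snprintf(buf, sizeof buf, "%s=%d", "uptime", 123456);
}

const char *bounded_truncated_text(void)
{
    static char buf[8];
    bounded_snprintf(buf, sizeof buf, "%s=%d", "uptime", 123456);
    return buf;
}

int main(void)
{
    printf("bounded:        neighbour clobbered = %d\n", neighbour_clobbered(bounded_snprintf));
    printf("count-dropping: neighbour clobbered = %d\n", neighbour_clobbered(count_dropping_snprintf));
    printf("bounded output '%s', needed %d\n", bounded_truncated_text(), bounded_return_value());
    return 0;
}
```

The practical check is the return value: with a real snprintf(), a result greater than or equal to the buffer size means the output was truncated and the caller can react; with the count-dropping variant the same call already wrote past the buffer before the caller gets a chance to look.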