$OpenBSD: patch-src_lib_lstrlib_c,v 1.1 2006/01/18 11:17:03 pedro Exp $
--- src/lib/lstrlib.c.orig	Tue Jan 17 13:46:55 2006
+++ src/lib/lstrlib.c	Tue Jan 17 13:49:37 2006
@@ -700,16 +700,16 @@ static int str_format (lua_State *L) {
       strfrmt = scanformat(L, strfrmt, form, &hasprecision);
       switch (*strfrmt++) {
         case 'c':  case 'd':  case 'i': {
-          sprintf(buff, form, luaL_checkint(L, arg));
+          snprintf(buff, sizeof(buff), form, luaL_checkint(L, arg));
           break;
         }
         case 'o':  case 'u':  case 'x':  case 'X': {
-          sprintf(buff, form, (unsigned int)(luaL_checknumber(L, arg)));
+          snprintf(buff, sizeof(buff), form, (unsigned int)(luaL_checknumber(L, arg)));
           break;
         }
         case 'e':  case 'E': case 'f':
         case 'g': case 'G': {
-          sprintf(buff, form, luaL_checknumber(L, arg));
+          snprintf(buff, sizeof(buff), form, luaL_checknumber(L, arg));
           break;
         }
         case 'q': {
@@ -727,7 +727,7 @@ static int str_format (lua_State *L) {
             continue;  /* skip the `addsize' at the end */
           }
           else {
-            sprintf(buff, form, s);
+            snprintf(buff, sizeof(buff), form, s);
             break;
           }
         }
