$OpenBSD: patch-src_smp_c,v 1.2 2006/10/18 15:41:06 naddy Exp $
--- src/smp.c.orig	Sat Sep  2 04:12:36 2006
+++ src/smp.c	Wed Oct 18 16:22:27 2006
@@ -251,8 +251,9 @@ int st_smpstartread(ft_t ft) 
         for (commentlen = COMMENTLEN-1;
             commentlen >= 0 && header.comments[commentlen] == ' '; commentlen--)
           ;
-        sprintf(smp->comment, "%.*s: %.*s", namelen+1, header.name,
-                commentlen+1, header.comments);
+        snprintf(smp->comment, sizeof(smp->comment),
+		 "%.*s: %.*s", namelen+1, header.name,
+                 commentlen+1, header.comments);
         ft->comment = smp->comment;
 
         st_report("SampleVision file name and comments: %s", ft->comment);
@@ -382,8 +383,10 @@ int st_smpstartwrite(ft_t ft) 
 
         strcpy(header.Id, SVmagic);
         strcpy(header.version, SVvers);
-        sprintf(header.comments, "%-*s", COMMENTLEN, "Converted using Sox.");
-        sprintf(header.name, "%-*.*s", NAMELEN, NAMELEN, ft->comment);
+        snprintf(header.comments, sizeof(header.comments),
+		 "%-*s", COMMENTLEN, "Converted using Sox.");
+        snprintf(header.name, sizeof(header.name),
+		 "%-*.*s", NAMELEN, NAMELEN, ft->comment);
 
         /* Write file header */
         if(st_writebuf(ft, &header, 1, HEADERSIZE) != HEADERSIZE)
