> > Make sure we have a big enough buffer to sprintf into (noticed by
> > deraadt@openbsd.org).
> Why not use snprintf instead?

In many cases, just substituting snprintf() for sprintf() will fix
an overflow, but leave the code just as broken (but not exploitably
so, perhaps).  Of course, I'd rather have the overflows fixed than
not, but I'd much rather have code that was designed to prevent or
at least handle the overflows in the first place.

Well-written software should rarely need snprintf() to protect itself.

-allen