From f1eaf3e144bfab2670b4bd4d36ab851168ff9bb8 Mon Sep 17 00:00:00 2001
From: Dmitry Podgorny <pasis.ua@gmail.com>
Date: Fri, 4 Jan 2013 19:33:12 +0200
Subject: [PATCH] fix possible buffer overflow in _ui_draw_win_title

---
 src/windows.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/windows.c b/src/windows.c
index b8b12f59..ae00ee54 100644
--- a/src/windows.c
+++ b/src/windows.c
@@ -177,12 +177,12 @@ _ui_draw_win_title(void)
         gint unread = _win_get_unread();
 
         if (unread != 0) {
-            sprintf(new_win_title, "%c]0;%s%s (%d) - %s%c", '\033', "Profanity", version_str->str, unread, jid, '\007');
+            snprintf(new_win_title, sizeof(new_win_title), "%c]0;%s%s (%d) - %s%c", '\033', "Profanity", version_str->str, unread, jid, '\007');
         } else {
-            sprintf(new_win_title, "%c]0;%s%s - %s%c", '\033', "Profanity", version_str->str, jid, '\007');
+            snprintf(new_win_title, sizeof(new_win_title), "%c]0;%s%s - %s%c", '\033', "Profanity", version_str->str, jid, '\007');
         }
     } else {
-        sprintf(new_win_title, "%c]0;%s%s%c", '\033', "Profanity", version_str->str, '\007');
+        snprintf(new_win_title, sizeof(new_win_title), "%c]0;%s%s%c", '\033', "Profanity", version_str->str, '\007');
     }
 
     g_string_free(version_str, TRUE);