File xfig.3.2.5b-bnc657393.dif of Package xfig

--- w_msgpanel.c
+++ w_msgpanel.c	2010-12-03 14:21:07.931926127 +0000
@@ -60,7 +60,7 @@ DeclareStaticArgs(12);
 /* for the popup message (file_msg) window */
 
 static int	file_msg_length=0;
-static char	tmpstr[300];
+static char	tmpstr[512];
 static Widget	file_msg_panel,
 		file_msg_win, file_msg_dismiss;
 
@@ -582,8 +582,8 @@ file_msg(char *format,...)
     }
 
     va_start(ap, format);
-    /* format the string */
-    vsprintf(tmpstr, format, ap);
+    /* format the string (but leave room for \n and \0) */
+    vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap);
     va_end(ap);
 
     strcat(tmpstr,"\n");