diff -Naur ./prozilla-1.3.6/src/http-retr.c ./prozilla-1.3.6_new/src/http-retr.c
--- ./prozilla-1.3.6/src/http-retr.c	2001-08-18 01:38:29.000000000 +0200
+++ ./prozilla-1.3.6_new/src/http-retr.c	2004-11-05 12:19:02.233187528 +0100
@@ -189,14 +189,14 @@
     /*
      * get the headers by sending GET 
      */
-    sprintf(buffer,
+    snprintf(buffer, sizeof(buffer),
 	    "GET %s HTTP/1.0\r\nUser-Agent: %s%s\r\nHost: %s\r\nAccept: */*\r\nRange: bytes=%ld-%ld\r\n%s%s\r\n",
 	    connection->u.path, PACKAGE_NAME, VERSION,
 	    connection->u.host,
 	    connection->remote_startpos, connection->remote_endpos,
 	    referer ? referer : "",
 	    wwwauth ? wwwauth : "");
-
+	buffer[sizeof(buffer)-1] = '\0';
 
     debug_prz("HTTP request= %s\n", buffer);
 
diff -Naur ./prozilla-1.3.6/src/http.c ./prozilla-1.3.6_new/src/http.c
--- ./prozilla-1.3.6/src/http.c	2001-08-18 01:38:29.000000000 +0200
+++ ./prozilla-1.3.6_new/src/http.c	2004-11-05 12:16:26.933796624 +0100
@@ -375,12 +375,12 @@
    with HEAD */
 
 
-    sprintf(buffer,
+    snprintf(buffer, sizeof(buffer),
 	    "HEAD %s HTTP/1.0\r\nUser-Agent: %s%s\r\nHost: %s\r\nAccept: */*\r\n%s%s\r\n",
 	    u->path, PACKAGE_NAME, VERSION, u->host, 
 	    referer ? referer : "",
 	    wwwauth ? wwwauth : "");
-
+	buffer[sizeof(buffer)-1] = '\0';
     debug_prz("HTTP request= %s\n", buffer);
 
     err = http_fetch_headers(sock, u, hs, buffer);
diff -Naur ./prozilla-1.3.6/src/main.c ./prozilla-1.3.6_new/src/main.c
--- ./prozilla-1.3.6/src/main.c	2001-08-18 01:38:31.000000000 +0200
+++ ./prozilla-1.3.6_new/src/main.c	2004-11-05 12:37:09.385915192 +0100
@@ -1152,10 +1152,10 @@
 
 int die(const char *args, ...)
 {
-    char p[MAX_MSG_SIZE];
+    char p[MAX_MSG_SIZE] = {'\0'};
     va_list vp;
     va_start(vp, args);
-    vsprintf(p, args, vp);
+    vsnprintf(p, sizeof(p),args, vp);
     va_end(vp);
 
     /* indicate that we are out of the display loop */