$OpenBSD: patch-src_value_cpp,v 1.5 2011/10/28 21:58:01 jasper Exp $
--- src/value.cpp.orig	Sun Feb 13 15:08:44 2011
+++ src/value.cpp	Thu Oct 27 23:40:36 2011
@@ -975,7 +975,7 @@ namespace Exiv2 {
         // sprintf wants to add the null terminator, so use oversized buffer
         char temp[9];
 
-        int wrote = sprintf(temp, "%04d%02d%02d",
+        int wrote = snprintf(temp, sizeof temp, "%04d%02d%02d",
                             date_.year, date_.month, date_.day);
         assert(wrote == 8);
         std::memcpy(buf, temp, 8);
@@ -1147,7 +1147,7 @@ namespace Exiv2 {
         char plusMinus = '+';
         if (time_.tzHour < 0 || time_.tzMinute < 0) plusMinus = '-';
 
-        int wrote = sprintf(temp,
+        int wrote = snprintf(temp, sizeof temp,
                    "%02d%02d%02d%1c%02d%02d",
                    time_.hour, time_.minute, time_.second,
                    plusMinus, abs(time_.tzHour), abs(time_.tzMinute));
