2 files changed, 5 insertions, 5 deletions

diff --git a/src/login/account_txt.c b/src/login/account_txt.c
index ba3388c57..9caf5ca6b 100644
--- a/src/login/account_txt.c
+++ b/src/login/account_txt.c
@@ -558,14 +558,14 @@ static bool mmo_auth_tostr(const struct mmo_account* a, char* str)
 	int i;
 	char* str_p = str;
 
-	str_p += sprintf(str_p, "%d\t%s\t%s\t%c\t%s\t%u\t%u\t%ld\t%ld\t%u\t%s\t%s\t",
+	str_p += snprintf(str_p, sizeof str_p, "%d\t%s\t%s\t%c\t%s\t%u\t%u\t%ld\t%ld\t%u\t%s\t%s\t",
 	                 a->account_id, a->userid, a->pass, a->sex, a->email, a->level,
 	                 a->state, (long)a->unban_time, (long)a->expiration_time,
 	                 a->logincount, a->lastlogin, a->last_ip);
 
 	for( i = 0; i < a->account_reg2_num; ++i )
 		if( a->account_reg2[i].str[0] )
-			str_p += sprintf(str_p, "%s,%s ", a->account_reg2[i].str, a->account_reg2[i].value);
+			str_p += snprintf(str_p, sizeof str_p, "%s,%s ", a->account_reg2[i].str, a->account_reg2[i].value);
 
 	return true;
 }
diff --git a/src/login/login.c b/src/login/login.c
index e888d21f6..414714bd3 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -934,11 +934,11 @@ int mmo_auth(struct login_session_data* sd)
 		bool matched = false;
 		uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr;
 
-		sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]);
+		snprintf(r_ip, sizeof r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]);
 
 		for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); !matched && dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") )
 		{
-			sprintf(ip_dnsbl, "%s.%s", r_ip, dnsbl_serv);
+			snprintf(ip_dnsbl, sizeof ip_dnsbl, "%s.%s", r_ip, dnsbl_serv);
 			if( host2ip(ip_dnsbl) )
 				matched = true;
 		}
@@ -1383,7 +1383,7 @@ int parse_login(int fd)
 			RFIFOSKIP(fd,86);
 
 			ShowInfo("Connection request of the char-server '%s' @ %u.%u.%u.%u:%u (account: '%s', pass: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, sd->passwd, ip);
-			sprintf(message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port);
+			snprintf(message, sizeof message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port);
 			login_log(session[fd]->client_addr, sd->userid, 100, message);
 
 			result = mmo_auth(sd);