--- nasm-0.98.38/preproc.c.can-2004-1287	2005-01-05 12:01:40.474509309 -0700
+++ nasm-0.98.38/preproc.c	2005-01-05 12:02:47.344446207 -0700
@@ -4061,13 +4061,14 @@
 {
     va_list arg;
     char buff[1024];
+    memset(buff, '\0', sizeof(buff));
 
     /* If we're in a dead branch of IF or something like it, ignore the error */
     if (istk && istk->conds && !emitting(istk->conds->state))
 	return;
 
     va_start(arg, fmt);
-    vsprintf(buff, fmt, arg);
+    vsnprintf(buff, sizeof(buff)-1, fmt, arg);
     va_end(arg);
 
     if (istk && istk->mstk && istk->mstk->name)