(reported at https://bugzilla.redhat.com/show_bug.cgi?id=591377)

---
 Src/utils.c |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Src/utils.c b/Src/utils.c
index b64530b..513bc7e 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -3665,14 +3665,21 @@ static int
 mindist(char *dir, char *mindistguess, char *mindistbest)
 {
     int mindistd, nd;
+    int len;
     DIR *dd;
     char *fn;
-    char buf[PATH_MAX];
+    char buf[PATH_MAX + 1];
 
     if (dir[0] == '\0')
 	dir = ".";
     mindistd = 100;
-    sprintf(buf, "%s/%s", dir, mindistguess);
+
+    /* input was too long and result got truncated */
+    len = snprintf(buf, sizeof(buf), "%s/%s", dir, mindistguess);
+    if (len >= sizeof(buf) || len < 0) {
+        return mindistd;
+    }
+
     if (access(unmeta(buf), F_OK) == 0) {
 	strcpy(mindistbest, mindistguess);
 	return 0;
-- 
1.7.3.4