--- lhext.c.old	2000-10-04 16:57:38.000000000 +0200
+++ lhext.c	2004-05-16 00:27:22.000000000 +0200
@@ -207,9 +207,11 @@
 	}
 
 	if (extract_directory)
-		sprintf(name, "%s/%s", extract_directory, q);
-	else
-		strcpy(name, q);
+		snprintf(name, sizeof(name), "%s/%s", extract_directory, q);
+	else {
+		strncpy(name, q, sizeof(name));
+		name[sizeof(name) - 1] = '\0';
+	}
 
 
 	/* LZHDIRS_METHODを持つヘッダをチェックする */