1diff --git a/src/google/protobuf/stubs/strutil.cc b/src/google/protobuf/stubs/strutil.cc 2index 594c8eac6..f986b11e7 100644 3--- a/src/google/protobuf/stubs/strutil.cc 4+++ b/src/google/protobuf/stubs/strutil.cc 5@@ -503,8 +503,8 @@ int CEscapeInternal(const char* src, int src_len, char* dest, 6 (last_hex_escape && isxdigit(*src)))) { 7 if (dest_len - used < 4) // need space for 4 letter escape 8 return -1; 9- sprintf(dest + used, (use_hex ? "\\x%02x" : "\\%03o"), 10- static_cast<uint8_t>(*src)); 11+ snprintf(dest + used, 5, (use_hex ? "\\x%02x" : "\\%03o"), 12+ static_cast<uint8_t>(*src)); 13 is_hex_escape = use_hex; 14 used += 4; 15 } else { 16