sprintf is seen as a security vulnerability, so we don't want to use it.
---
 skel |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: b/skel
===================================================================
--- a/skel
+++ b/skel
@@ -424,11 +424,11 @@ static int fail(const char* fmt, ...)
     int chars_left, used;
     va_list ap; va_start(ap, fmt);
 #ifdef FLEXML_yylineno
-    used = sprintf(flexml_err_msg,
+    used = snprintf(flexml_err_msg,flexml_max_err_msg_size,
 		   "Invalid XML (XML input line %d, state %d): ",
 		   yylineno, YY_START);
 #else
-    used = sprintf(flexml_err_msg,
+    used = snprintf(flexml_err_msg,flexml_max_err_msg_size,
 		   "Invalid XML (state %d): ",
 		   YY_START);
 #endif
