There's plenty of these issues lying around, replace with snprintf, or similar!

• sprintf(sz, "%s %s", "stuff" "here") should be snprintf(sz, sizeof(sz), "%s %s", "stuff", "here")
• strcpy(sz, "blah") should be strncpy(sz, "blah", sizeof(sz))
• ...

The easiest solution would be to write some script in for ex. Python to convert all of these func calls to the appropriate funcs
(utils/python/* for examples).