diff --git a/lib/asn1/der_put.c b/lib/asn1/der_put.c
index aea6f59cf..d10d02a05 100644
--- a/lib/asn1/der_put.c
+++ b/lib/asn1/der_put.c
@@ -375,15 +375,18 @@ int
 time2generalizedtime (time_t t, octet_string *s)
 {
      struct tm *tm;
+     size_t len;
 
-     s->data = malloc(16);
+     len = 15;
+
+     s->data = malloc(len + 1);
      if (s->data == NULL)
 	 return ENOMEM;
-     s->length = 15;
+     s->length = len;
      tm = gmtime (&t);
-     sprintf (s->data, "%04d%02d%02d%02d%02d%02dZ", tm->tm_year + 1900,
-	      tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
-	      tm->tm_sec);
+     snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ", 
+	       tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 
+	       tm->tm_hour, tm->tm_min, tm->tm_sec);
      return 0;
 }