diff -up ghostscript-9.07/base/wrfont.c.wrf-snprintf ghostscript-9.07/base/wrfont.c

--- ghostscript-9.07/base/wrfont.c.wrf-snprintf	2013-07-01 13:02:33.373244683 +0100

+++ ghostscript-9.07/base/wrfont.c	2013-07-01 13:04:55.022864299 +0100

@@ -72,7 +72,8 @@ WRF_wfloat(WRF_output * a_output, double

 {

     char buffer[32];

-    gs_sprintf(buffer, "%f", a_float);

+    if (gs_snprintf(buffer, sizeof (buffer), "%f", a_float) >= sizeof (buffer))

+        abort();

     WRF_wstring(a_output, buffer);

 }

@@ -81,6 +82,7 @@ WRF_wint(WRF_output * a_output, long a_i

 {

     char buffer[32];

-    gs_sprintf(buffer, "%ld", a_int);

+    if (gs_snprintf(buffer, sizeof (buffer), "%ld", a_int) >= sizeof (buffer))

+        abort();

     WRF_wstring(a_output, buffer);

 }