diff --git a/src/main.cpp b/src/main.cpp
index 9da3167..7ead705 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -403,7 +403,12 @@ int main(int argc, char **argv)
 
 			case 'h': /* html report */
 				reporttype = REPORT_HTML;
-				sprintf(filename, "%s", optarg ? optarg : "powertop.html" );
+				snprintf(filename, 4096, "%s", optarg ? optarg : "powertop.html" );
+				if (!strlen(filename))
+				{
+					fprintf(stderr, _("Invalid HTML filename\n"));
+					exit(1);
+				}
 				break;
 
 			case 't':
@@ -424,7 +429,12 @@ int main(int argc, char **argv)
 
 			case 'C': /* csv report*/
 				reporttype = REPORT_CSV;
-				sprintf(filename, "%s", optarg ? optarg : "powertop.csv");
+				snprintf(filename, 4096, "%s", optarg ? optarg : "powertop.csv");
+				if (!strlen(filename))
+				{
+					fprintf(stderr, _("Invalid CSV filename\n"));
+					exit(1);
+				}
 				break;
 			case '?': /* Unknown option */
 				/* getopt_long already printed an error message. */
diff --git a/src/report/report.cpp b/src/report/report.cpp
index c018bb1..b01b925 100644
--- a/src/report/report.cpp
+++ b/src/report/report.cpp
@@ -149,28 +149,27 @@ static void system_info(void)
 void init_report_output(char *filename_str, int iterations)
 {
 	size_t period;
-	char file_prefix[4096];
-	char file_postfix[8];
+	string filename;
 	time_t stamp;
 	char datestr[200];
 
-	string mystring = string(filename_str);
-	sprintf(file_postfix, "%s",
-		(reporttype == REPORT_HTML ? "html" : "csv"));
-	period=mystring.find_last_of(".");
-	sprintf(file_prefix, "%s",mystring.substr(0,period).c_str());
-	memset(&datestr, 0, 200);
-	memset(&stamp, 0, sizeof(time_t));
-	stamp=time(NULL);
-	strftime(datestr, sizeof(datestr), "%Y%m%d-%H%M%S", localtime(&stamp));
-
-	if (iterations != 1)
-		sprintf(reportout.filename, "%s-%s.%s",
-			file_prefix, datestr,file_postfix);
+	if (iterations == 1)
+		sprintf(reportout.filename, "%s", filename_str);
 	else
-		sprintf(reportout.filename, "%s.%s",
-			file_prefix, file_postfix);
-
+	{
+		filename = string(filename_str);
+		period = filename.find_last_of(".");
+		if (period > filename.length())
+			period = filename.length();
+		memset(&datestr, 0, 200);
+		memset(&stamp, 0, sizeof(time_t));
+		stamp = time(NULL);
+		strftime(datestr, sizeof(datestr), "%Y%m%d-%H%M%S", localtime(&stamp));
+		snprintf(reportout.filename, 4096, "%s-%s%s",
+			filename.substr(0, period).c_str(), datestr,
+			filename.substr(period).c_str());
+	}
+	
 	reportout.report_file = fopen(reportout.filename, "wm");
 	if (!reportout.report_file) {
 		fprintf(stderr, _("Cannot open output file %s (%s)\n"),