diff --git a/bfps/_base.py b/bfps/_base.py
index 575067272f5e1ef171eeb6a374fbf52a732ebc61..3d7c747b3185c4bcbfe0eca6f2d6ee5136213105 100644
--- a/bfps/_base.py
+++ b/bfps/_base.py
@@ -97,7 +97,7 @@ class _base(object):
                     'char fname[256];\n' +
                     'hsize_t dims[1];\n' +
                     'char *string_data;\n' +
-                    'sprintf(fname, "%s.h5", {0});\n'.format(simname_variable) +
+                    'snprintf(fname, 255, "%s.h5", {0});\n'.format(simname_variable) +
                     'parameter_file = H5Fopen(fname, H5F_ACC_RDONLY, H5P_DEFAULT);\n')
         key_prefix = ''
         if prepend_this:
@@ -118,7 +118,7 @@ class _base(object):
                             'memtype = H5Dget_type(dset);\n' +
                             'string_data = (char*)malloc(256);\n' +
                             'H5Dread(dset, memtype, H5S_ALL, H5S_ALL, H5P_DEFAULT, &string_data);\n' +
-                            'sprintf({0}, "%s", string_data);\n'.format(key_prefix + key[i]) +
+                            'snprintf({0}, 255, "%s", string_data);\n'.format(key_prefix + key[i]) +
                             'free(string_data);\n'
                             'H5Sclose(space);\n' +
                             'H5Tclose(memtype);\n' +
diff --git a/bfps/_code.py b/bfps/_code.py
index 78302109148844761eb849a3a4cbf1fcdf71f8c5..73af76610ef224422508bf8b7b820b4720363734 100644
--- a/bfps/_code.py
+++ b/bfps/_code.py
@@ -116,7 +116,7 @@ class _code(_base):
                     }
                 #endif
                     strcpy(simname, argv[1]);
-                    sprintf(fname, "%s.h5", simname);
+                    snprintf(fname, 255, "%s.h5", simname);
                     parameter_file = H5Fopen(fname, H5F_ACC_RDONLY, H5P_DEFAULT);
                     Cdset = H5Dopen(parameter_file, "iteration", H5P_DEFAULT);
                     H5Dread(