diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c
index 2d10d6b2a92d..e28322273a4b 100644
--- a/lib/libpam/modules/pam_krb5/pam_krb5.c
+++ b/lib/libpam/modules/pam_krb5/pam_krb5.c
@@ -482,11 +482,11 @@ pam_sm_setcred(pam_handle_t *pamh, int flags,
 			if (*q == '%') {
 				q++;
 				if (*q == 'u') {
-					sprintf(p, "%d", pwd->pw_uid);
+					snprintf(p, PATH_MAX + 16, "%d", pwd->pw_uid);
 					p += strlen(p);
 				}
 				else if (*q == 'p') {
-					sprintf(p, "%d", getpid());
+					snprintf(p, PATH_MAX + 16, "%d", getpid());
 					p += strlen(p);
 				}
 				else {