Fix buffer overflow in build

Remote hole, can smash the stack.  Broken when Empire 2 added the
confirmation prompt.

diff --git a/src/lib/commands/buil.c b/src/lib/commands/buil.c
index 01ac73ad7d1018b998ad86643ca8cf36f1683aa0..1228463f6d9d1458059031599271533af7dd41b2 100644 (file)
--- a/src/lib/commands/buil.c
+++ b/src/lib/commands/buil.c
@@ -28,7 +28,7 @@
  *
  *  Known contributors to this file:
  *     Steve McClure, 1998-2000
- *     Markus Armbruster, 2004-2011
+ *     Markus Armbruster, 2004-2012
  */
 
 #include <config.h>
@@ -160,8 +160,8 @@ buil(void)
        if (number > 20) {
            char bstr[80];
            sprintf(bstr,
-                   "Are you sure that you want to build %s of them? ",
-                   player->argp[4]);
+                   "Are you sure that you want to build %d of them? ",
+                   number);
            p = getstarg(player->argp[6], bstr, buf);
            if (!p || *p != 'y')
                return RET_SYN;