diff --git a/src/modules/sprintf/sprintf.c b/src/modules/sprintf/sprintf.c
index 60525b2e352e372548eef244ee2bc924144c4a30..851113b1e7c9fb9535eee774c24c1b54410293de 100644
--- a/src/modules/sprintf/sprintf.c
+++ b/src/modules/sprintf/sprintf.c
@@ -473,7 +473,7 @@ static string low_pike_sprintf(char *format,
 
     if(*a!='%')
     {
-      for(e=0;a[e] && a[e]!='%';e++);
+      for(e=0;a[e]!='%' && a+e<format+format_len;e++);
       fsp->b=a;
       fsp->len=e;
       fsp->width=e;
diff --git a/src/modules/sprintf/testsuite.in b/src/modules/sprintf/testsuite.in
index b45ca67b77ad1cd2149e6afa0c879e3e5541a969..677322b3be665ef4ac07fb58ff3fc468acf37634 100644
--- a/src/modules/sprintf/testsuite.in
+++ b/src/modules/sprintf/testsuite.in
@@ -49,6 +49,8 @@ test_eq(sprintf("%d %<d %<d",2),"2 2 2")
 test_true(stringp(sprintf("%O",({1,2,"foo"}))))
 test_true(stringp(sprintf("%O",([1:2,"foo":"bar"]))))
 
+test_eq(sprintf("test \0 \n"),"test \0 \n")
+
 dnl . : and ; hasn't been tested
 dnl ^, @ and _ hasn't been tested yet
 test_eval_error(sprintf("%d"))