use snprintf to prevent buffer overflow

fixes CID 27969, 28010, 28027 found by Coverity

sched/sched_util_basic.cpp

@@ -176,13 +176,13 @@ int dir_hier_path(
     int retval;
 
     if (fanout==0) {
-        sprintf(path, "%s/%s", root, filename);
+        snprintf(path, MAXPATHLEN, "%s/%s", root, filename);
         return 0;
     }
 
     filename_hash(filename, fanout, dir);
 
-    sprintf(dirpath, "%s/%s", root, dir);
+    snprintf(dirpath, MAXPATHLEN, "%s/%s", root, dir);
     if (create) {
         retval = boinc_mkdir(dirpath);
         if (retval && (errno != EEXIST)) {
@@ -192,7 +192,7 @@ int dir_hier_path(
             return ERR_MKDIR;
         }
     }
-    sprintf(path, "%s/%s", dirpath, filename);
+    snprintf(path, MAXPATHLEN, "%s/%s", dirpath, filename);
     return 0;
 }
 

tools/dir_hier_move.cpp

@@ -61,7 +61,7 @@ int main(int argc, char** argv) {
             fprintf(stderr, "dir_hier_path: %s\n", boincerror(retval));
             exit(1);
         }
-        sprintf(src_path, "%s/%s", src_dir, filename.c_str());
+        snprintf(src_path, sizeof(src_path), "%s/%s", src_dir, filename.c_str());
         retval = rename(src_path, dst_path);
         if (retval) {
             perror("rename");