diff --git a/engine/server/sv_client.c b/engine/server/sv_client.c index ac4fd2ff..3a1f010f 100644 --- a/engine/server/sv_client.c +++ b/engine/server/sv_client.c @@ -930,15 +930,26 @@ void SV_BuildNetAnswer( netadr_t from ) } else if( type == NETAPI_REQUEST_PLAYERS ) { + size_t len = 0; + string[0] = '\0'; for( i = 0; i < svs.maxclients; i++ ) { if( svs.clients[i].state >= cs_connected ) { + int ret; edict_t *ed = svs.clients[i].edict; float time = host.realtime - svs.clients[i].connection_started; - Q_strncat( string, va( "%c\\%s\\%i\\%f\\", count, svs.clients[i].name, (int)ed->v.frags, time ), sizeof( string )); + ret = Q_snprintf( &string[len], sizeof( string ) - len, "%c\\%s\\%i\\%f\\", count, svs.clients[i].name, (int)ed->v.frags, time ); + + if( ret == -1 ) + { + Con_DPrintf( S_WARN "SV_BuildNetAnswer: NETAPI_REQUEST_PLAYERS: buffer overflow!\n" ); + break; + } + + len += ret; count++; } } diff --git a/engine/server/sv_save.c b/engine/server/sv_save.c index 0fcf66e4..e3d791b3 100644 --- a/engine/server/sv_save.c +++ b/engine/server/sv_save.c @@ -2418,13 +2418,13 @@ int GAME_EXPORT SV_GetSaveComment( const char *savename, char *comment ) if( FBitSet( flags, MAP_INVALID_VERSION )) { - Q_strncpy( comment, va( "", mapName ), MAX_STRING ); + Q_snprintf( comment, sizeof( comment ), "", mapName ); return 0; } if( !FBitSet( flags, MAP_IS_EXIST )) { - Q_strncpy( comment, va( "", mapName ), MAX_STRING ); + Q_snprintf( comment, sizeof( comment ), "", mapName ); return 0; } 
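Review bot: In the NETAPI_REQUEST_PLAYERS loop of SV_BuildNetAnswer (engine/server/sv_client.c), the truncation path breaks out with a partially written player record still in `string`, so the reply can end in a cut-off name or field. Restoring the terminator before leaving, `string[len] = '\0';` ahead of `break;`, would drop the incomplete entry. The guard `if( ret == -1 )` is only sufficient if Q_snprintf reports truncation as -1, and its definition is not in this diff. If it can return the would-be length as C99 snprintf does, `len += ret` can pass `sizeof( string )` and the next `sizeof( string ) - len` wraps as a size_t. A check that holds under either convention is `if( ret < 0 || (size_t)ret >= sizeof( string ) - len )`; the function body starts and ends outside the hunk.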
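Review bot: `sizeof( comment )` in SV_GetSaveComment (engine/server/sv_save.c) is the size of a pointer, because `comment` is the `char *comment` parameter shown in the hunk header. Both Q_snprintf calls in this hunk are therefore bounded by a pointer's size (typically 4 or 8 bytes) rather than the `MAX_STRING` bound the removed lines used, so the message is silently truncated. The calls should keep the explicit bound, as in `Q_snprintf( comment, MAX_STRING, ... )`. The same defect is in the following hunk (-2433,10), where the `[quick]`, `[autosave]` and `else Q_strncpy` lines replace `CS_SIZE` with `sizeof( comment )`. There the bound should stay `CS_SIZE`, since the next line writes the time string at `comment + CS_SIZE` and a larger bound would run into that section.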
@@ -2433,10 +2433,10 @@ int GAME_EXPORT SV_GetSaveComment( const char *savename, char *comment ) // split comment to sections if( Q_strstr( savename, "quick" )) - Q_strncat( comment, "[quick]", CS_SIZE ); + Q_snprintf( comment, sizeof( comment ), "[quick]%s", description ); else if( Q_strstr( savename, "autosave" )) - Q_strncat( comment, "[autosave]", CS_SIZE ); - Q_strncat( comment, description, CS_SIZE ); + Q_snprintf( comment, sizeof( comment ), "[autosave]%s", description ); + else Q_strncpy( comment, description, sizeof( comment )); strftime( timestring, sizeof ( timestring ), "%b%d %Y", file_tm ); Q_strncpy( comment + CS_SIZE, timestring, CS_TIME ); strftime( timestring, sizeof( timestring ), "%H:%M", file_tm );