diff -Naur libcap-1.10.orig/libcap/cap_alloc.c libcap-1.10/libcap/cap_alloc.c
--- libcap-1.10.orig/libcap/cap_alloc.c 1999-11-18 07:23:24.000000000 +0000
+++ libcap-1.10/libcap/cap_alloc.c 2007-05-25 18:47:32.000000000 +0000
@@ -97,6 +97,8 @@
 int cap_free(void *data_p)
 {
+    if ( !data_p )
+        return 0;
     if ( good_cap_t(data_p) ) {
         data_p = -1 + (__u32 *) data_p;
diff -Naur libcap-1.10.orig/libcap/cap_file.c libcap-1.10/libcap/cap_file.c
--- libcap-1.10.orig/libcap/cap_file.c 1999-04-17 22:16:31.000000000 +0000
+++ libcap-1.10/libcap/cap_file.c 2007-05-25 18:47:32.000000000 +0000
@@ -29,7 +29,8 @@
                          &result->set[CAP_INHERITABLE],
                          &result->set[CAP_PERMITTED],
                          &result->set[CAP_EFFECTIVE] )) {
-            cap_free(&result);
+            cap_free(result);
+            result = NULL;
         }
     }
@@ -54,7 +55,8 @@
                          &result->set[CAP_INHERITABLE],
                          &result->set[CAP_PERMITTED],
                          &result->set[CAP_EFFECTIVE] ))
-            cap_free(&result);
+            cap_free(result);
+            result = NULL;
     }
     return result;
diff -Naur libcap-1.10.orig/libcap/cap_proc.c libcap-1.10/libcap/cap_proc.c
--- libcap-1.10.orig/libcap/cap_proc.c 1999-04-18 20:50:01.000000000 +0000
+++ libcap-1.10/libcap/cap_proc.c 2007-05-25 18:47:32.000000000 +0000
@@ -21,7 +21,8 @@
         /* fill the capability sets via a system call */
         if (capget(&result->head, &result->set)) {
-            cap_free(&result);
+            cap_free(result);
+            result = NULL;
         }
     }
diff -Naur libcap-1.10.orig/libcap/cap_text.c libcap-1.10/libcap/cap_text.c
--- libcap-1.10.orig/libcap/cap_text.c 1999-11-18 06:03:26.000000000 +0000
+++ libcap-1.10/libcap/cap_text.c 2007-05-25 18:47:32.000000000 +0000
@@ -16,8 +16,8 @@
 #include
 #include
-/* Maximum output text length (16 per cap) */
-#define CAP_TEXT_SIZE (16*__CAP_BITS)
+/* Maximum output text length (20 per cap) */
+#define CAP_TEXT_SIZE (20*__CAP_BITS)
 #define LIBCAP_EFF 01
 #define LIBCAP_INH 02
@@ -209,9 +209,10 @@
     }
 bad:
-    cap_free(&res);
+    cap_free(res);
+    res = NULL;
     errno = EINVAL;
-    return NULL;
+    return res;
 }
 /*
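Review bot: The new `if ( !data_p ) return 0;` in cap_free gives cap_free(NULL) a defined, successful result, but nothing records that this is now part of the contract; a one-line comment above the guard, `/* Like free(): a NULL argument is accepted and reported as success. */`, plus matching wording on the public declaration would keep a later cleanup from reverting it. The remainder of cap_free (what it returns for a pointer that is neither NULL nor a good cap_t) lies outside the hunk, so whether 0 is consistent with that path cannot be checked here.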
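Review bot: In the second cap_file.c hunk (`@@ -54,7 +55,8 @@`) the `if` whose condition ends in `&result->set[CAP_EFFECTIVE] ))` has no braces, so only `cap_free(result);` is its body and the added `result = NULL;` runs unconditionally; on the success path the function then returns NULL and leaks the cap_t it has just filled. Compare the first hunk, whose condition line ends in `)) {`. Change the condition line to `&result->set[CAP_EFFECTIVE] )) {` and close the block with a `}` after `result = NULL;`. The `if` keyword itself and the start of the function lie outside the hunk, so this is inferred from the visible `))` and the `}` that follows.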
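Review bot: In the `bad:` path of the cap_text.c hunk at `@@ -209,9 +209,10 @@`, `return res;` immediately after `res = NULL;` only obscures that this path returns NULL; keeping the original `return NULL;` is clearer, and `res = NULL;` is then dead because res is not read again before the return. Setting `errno = EINVAL;` after the `cap_free(res)` call, as the hunk does, is the right order in case cap_free touches errno.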
@@ -261,7 +262,7 @@
         m = t;
         /* blank is not a valid capability set */
-        p = sprintf(buf, "=%s%s%s",
+        p = snprintf(buf, sizeof(buf), "=%s%s%s",
                     (m & LIBCAP_EFF) ? "e" : "",
                     (m & LIBCAP_INH) ? "i" : "",
                     (m & LIBCAP_PER) ? "p" : "" ) + buf;
@@ -272,9 +273,9 @@
             for (n = 0; n != __CAP_BITS; n++)
                 if (getstateflags(caps, n) == t) {
                     if (_cap_names[n])
-                        p += sprintf(p, "%s,", _cap_names[n]);
+                        p += snprintf(p, sizeof(buf)-(p-buf), "%s,", _cap_names[n]);
                     else
-                        p += sprintf(p, "%d,", n);
+                        p += snprintf(p, sizeof(buf)-(p-buf), "%d,", n);
                     if (p - buf > CAP_TEXT_SIZE) {
                         errno = ERANGE;
                         return NULL;
@@ -283,13 +284,17 @@
             p--;
             n = t & ~m;
             if (n)
-                p += sprintf(p, "+%s%s%s",
+                p += snprintf(p, sizeof(buf)-(p-buf), "+%s%s%s",
                              (n & LIBCAP_EFF) ? "e" : "",
                              (n & LIBCAP_INH) ? "i" : "",
                              (n & LIBCAP_PER) ? "p" : "");
+            if (p - buf > CAP_TEXT_SIZE) {
+                errno = ERANGE;
+                return NULL;
+            }
             n = ~t & m;
             if (n)
-                p += sprintf(p, "-%s%s%s",
+                p += snprintf(p, sizeof(buf)-(p-buf), "-%s%s%s",
                              (n & LIBCAP_EFF) ? "e" : "",
                              (n & LIBCAP_INH) ? "i" : "",
                              (n & LIBCAP_PER) ? "p" : "");
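Review bot: In the `@@ -272,9 +273,9 @@` hunk the new `p += snprintf(p, sizeof(buf)-(p-buf), ...)` advances p by the length snprintf wanted to write rather than what it wrote, so after a truncated append p points past the end of buf and the existing `if (p - buf > CAP_TEXT_SIZE)` catches that only if `sizeof(buf)` and `CAP_TEXT_SIZE` agree; buf's declaration is outside the hunk, so that relation cannot be confirmed here. Comparing against the bound the write actually used, `if ((size_t)(p - buf) >= sizeof(buf)) {`, ties the check to the buffer instead of the macro and also rejects the exactly-full state in which the next call gets a zero-length window and its output is dropped silently.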
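Review bot: The ERANGE check added in `@@ -283,13 +284,17 @@` sits between the `+%s%s%s` append and the `-%s%s%s` append, so the final `p += snprintf(p, sizeof(buf)-(p-buf), "-%s%s%s", ...)` can leave p past the end of buf with nothing in the hunk re-checking it; if the enclosing loop then returns to the `%s,` appends of the previous hunk, `sizeof(buf)-(p-buf)` wraps as an unsigned subtraction and that snprintf is effectively unbounded. Unless a check follows outside the hunk, move the added `if (p - buf > CAP_TEXT_SIZE) { errno = ERANGE; return NULL; }` block below the `-%s%s%s` append, or place one after each append. The loop and the function boundaries lie outside the hunk.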