diff --git a/coreengine/complextypes.c b/coreengine/complextypes.c
index 2574208..064e2bf 100644
--- a/coreengine/complextypes.c
+++ b/coreengine/complextypes.c
@@ -726,15 +726,15 @@ bool cNumericExpr::IsNumericExpression(const char *e) {
 }
 
 bool cNumericExpr::PercentValue(const char *e) {
+    if (!e)
+        return e;
     const char *hit = strchr(e, '%');
     if (!hit)
         return false;
-    char buffer[20] = "";
-    if (strlen(e) > 20)
-        return false;
-    strncpy(buffer, e, strlen(e)-1);
-    buffer[strlen(e)-1] = '\0';
-    int val = atoi(buffer);
+    int val;
+    int r = sscanf(e, "%d%%", &val); // use sscanf to retrieve %-value to avoid -Wstringop-overflow
+    if (r != 1)
+        return false; // sscanf parsing problem
     bool ok = false;
     if (horizontal && container->Width() > 0) {
         value = container->Width() * val / 100;
@@ -747,22 +747,22 @@ bool cNumericExpr::PercentValue(const char *e) {
 }
 
 char *cNumericExpr::ReplacePercentValue(char *e) {
+    if (!e)
+        return e;
     const char *hit = strchr(e, '%');
     if (!hit)
         return e;
-    char buffer[20] = "";
-    if (strlen(e) > 20)
-        return e;
-    strncpy(buffer, e, strlen(e)-1);
-    buffer[strlen(e)-1] = '\0';
-    int val = atoi(buffer);
+    int val;
+    int r = sscanf(e, "%d%%", &val); // use sscanf to retrieve %-value to avoid -Wstringop-overflow
+    if (r != 1)
+        return e; // sscanf parsing problem
     double percentVal = (double)val/100.0f;
 
     char replacement[50] = "";
     if (horizontal) {
-        sprintf(replacement, "%.5f*{areawidth}", percentVal);
+        snprintf(replacement, sizeof(replacement), "%.5f*{areawidth}", percentVal);
     } else {
-        sprintf(replacement, "%.5f*{areaheight}", percentVal);
+        snprintf(replacement, sizeof(replacement), "%.5f*{areaheight}", percentVal);
     }
 
     int len = strlen(replacement) + 1;
@@ -774,16 +774,19 @@ char *cNumericExpr::ReplacePercentValue(char *e) {
 }
 
 char *cNumericExpr::ReplaceToken(char *e, const char* token, int val) {
+    if (!e)
+        return e;
     char *tokenStart = strstr(e, token);
     if (!tokenStart) {
         return e;
     }
     char buffer[20] = "";
-    sprintf(buffer, "%d", val);
+    snprintf(buffer, sizeof(buffer), "%d", val);
     size_t newSize = strlen(e) - strlen(token) + strlen(buffer) + 1;
     char *replaced = (char*)malloc(newSize);
     memset(replaced, 0, newSize);
     size_t beginning = strlen(e) - strlen(tokenStart);
+    if (beginning >= newSize) beginning = newSize - 1; // will never happen but avoid -Wstringop-overflow
     if (beginning > 0)
         strncpy(replaced, e, beginning);
     strcat(replaced, buffer);
diff --git a/extensions/imageloader.c b/extensions/imageloader.c
index 88ecb14..467e17d 100644
--- a/extensions/imageloader.c
+++ b/extensions/imageloader.c
@@ -178,14 +178,14 @@ cImageImporterSVG::cImageImporterSVG() {
 
 cImageImporterSVG::~cImageImporterSVG() {
     if (handle) {
-        rsvg_handle_close(handle, NULL); // deprecated since version 2.46
+        rsvg_handle_close(handle, NULL); // TODO: deprecated since version 2.46
         g_object_unref(handle);
     }
 }
 
 bool cImageImporterSVG::LoadImage(const char *path) {
     if (handle) {
-        rsvg_handle_close(handle, NULL); // deprecated since version 2.46
+        rsvg_handle_close(handle, NULL); // TODO: deprecated since version 2.46
         g_object_unref(handle);
     }