diff --git a/doc/window.doc b/doc/window.doc
index 5e7bc1449..7694cd641 100644
--- a/doc/window.doc
+++ b/doc/window.doc
@@ -215,6 +215,7 @@ char yn_function(const char *ques, const char *choices, char default)
 returned, preserving case (upper or lower.) This means that if the calling function needs an exact match, it must handle user input correctness itself.
+ -- ques should not be more than QBUFSZ-1 characters long.
 getlin(const char *ques, char *input)
 -- Prints ques as a prompt and reads a single line of text, up to a newline. The string entered is returned without the
diff --git a/src/cmd.c b/src/cmd.c
index df31aca03..9d5588e73 100644
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -2947,22 +2947,20 @@ wiz_port_debug()
 * window port causing a buffer overflow there.
 */
 char
-yn_function(query,resp, def)
-const char *query,*resp;
+yn_function(query, resp, def)
+const char *query, *resp;
 char def;
 {
 char qbuf[QBUFSZ];
- unsigned truncspot, reduction = sizeof(" [N] ?") + 1;
- if (resp) reduction += strlen(resp) + sizeof(" () ");
- if (strlen(query) < (QBUFSZ - reduction))
+ /* maximum acceptable length is QBUFSZ-1 */
+ if (strlen(query) < QBUFSZ)
 return (*windowprocs.win_yn_function)(query, resp, def);
+
+ /* caller shouldn't have passed anything this long */
 paniclog("Query truncated: ", query);
- reduction += sizeof("...");
- truncspot = QBUFSZ - reduction;
- (void) strncpy(qbuf, query, (int)truncspot);
- qbuf[truncspot] = '\0';
- Strcat(qbuf,"...");
+ (void) strncpy(qbuf, query, QBUFSZ-1 - 3);
+ Strcpy(&qbuf[QBUFSZ-1 - 3], "...");
 return (*windowprocs.win_yn_function)(qbuf, resp, def);
 }
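Review bot: The new guard `if (strlen(query) < QBUFSZ)` in yn_function no longer leaves room for the response list and default that the removed `reduction` arithmetic subtracted, so a query of up to QBUFSZ-1 characters is now handed to `windowprocs.win_yn_function` unshortened. The comment above the function says this validator exists to keep an over-long prompt from overflowing a buffer in the window port, so any port that formats query, resp and def into a single QBUFSZ-sized buffer would presumably need its own bound; the port code is not visible in this diff, so that should be confirmed for each port. I would record the shifted responsibility next to the check, for example `/* window ports must allow for QBUFSZ-1 query chars plus whatever they append for resp and def */`. As a smaller style point, the literal `3` appears in both `strncpy(qbuf, query, QBUFSZ-1 - 3)` and `Strcpy(&qbuf[QBUFSZ-1 - 3], "...")`; deriving it once from the suffix, e.g. `sizeof "..." - 1`, would keep the copy length and the write offset from drifting apart.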