diff -up cups-1.3.6/cgi-bin/search.c.CVE-2008-0047 cups-1.3.6/cgi-bin/search.c
--- cups-1.3.6/cgi-bin/search.c.CVE-2008-0047	2008-01-16 22:20:33.000000000 +0000
+++ cups-1.3.6/cgi-bin/search.c	2008-04-01 16:41:30.000000000 +0100
@@ -167,7 +167,9 @@ cgiCompileSearch(const char *query)	/* I
       * string + RE overhead...
       */
 
-      wlen = (sptr - s) + 4 * wlen + 2 * strlen(prefix) + 4;
+      wlen = (sptr - s) + 2 * 4 * wlen + 2 * strlen(prefix) + 11;
+      if (lword)
+        wlen += strlen(lword);
 
       if (wlen > slen)
       {