sscanf buffer overflow

scanf is more primitive than you seem to think — %s will match everything up to the next whitespace. Your best solution is probably to stick with strtok but throw it only content you've strduped from the authoritative original.