diff --git a/programs/util.c b/programs/util.c
index 43f2b9408..94c40cc95 100644
--- a/programs/util.c
+++ b/programs/util.c
@@ -703,21 +703,34 @@ static size_t UTIL_processLines(char* buffer, size_t bufferSize)
 }
 
 /* Create an array of pointers to the lines in a buffer */
-static const char**
-UTIL_createLinePointers(char* buffer, size_t numLines, size_t bufferSize)
+static const char** UTIL_createLinePointers(char* buffer, size_t numLines, size_t bufferSize)
 {
     size_t lineIndex = 0;
     size_t pos = 0;
-    const char** linePointers = (const char**)malloc(numLines * sizeof(*linePointers));
-    if (linePointers == NULL) return NULL;
+    void* const bufferPtrs = malloc(numLines * sizeof(const char**));
+    const char** const linePointers = (const char**)bufferPtrs;
+    if (bufferPtrs == NULL) return NULL;
 
     while (lineIndex < numLines && pos < bufferSize) {
-        linePointers[lineIndex++] = buffer + pos;
-        pos += strlen(buffer + pos) + 1;  /* +1 for the finishing `\0` */
+        size_t len = 0;
+        linePointers[lineIndex++] = buffer+pos;
+
+        /* Find the next null terminator, being careful not to go past the buffer */
+        while ((pos + len < bufferSize) && buffer[pos + len] != '\0') {
+            len++;
+        }
+
+        /* Move past this string and its null terminator */
+        pos += len;
+        if (pos < bufferSize) pos++;  /* Skip the null terminator if we're not at buffer end */
     }
 
-    assert(pos <= bufferSize);
-    assert(lineIndex == numLines);
+    /* Verify we processed the expected number of lines */
+    if (lineIndex != numLines) {
+        /* Something went wrong - we didn't find as many lines as expected */
+        free(bufferPtrs);
+        return NULL;
+    }
 
     return linePointers;
 }