diff --git a/src/misc_gui.cpp b/src/misc_gui.cpp
--- a/src/misc_gui.cpp
+++ b/src/misc_gui.cpp
@@ -772,7 +772,7 @@ static void DrawStationCoverageText(cons
 	b = InlineString(b, STR_000D_ACCEPTS);
 
 	for (CargoID i = 0; i < NUM_CARGO; i++) {
-		if (b >= lastof(_userstring) - 5) break;
+		if (b >= lastof(_userstring) - (1 + 2 * 4)) break; // ',' or ' ' and two calls to Utf8Encode()
 		switch (sct) {
 			case SCT_PASSENGERS_ONLY: if (!IsCargoInClass(i, CC_PASSENGERS)) continue; break;
 			case SCT_NON_PASSENGERS_ONLY: if (IsCargoInClass(i, CC_PASSENGERS)) continue; break;
@@ -795,6 +795,10 @@ static void DrawStationCoverageText(cons
 	if (first) b = InlineString(b, STR_00D0_NOTHING);
 
 	*b = '\0';
+
+	/* Make sure we detect any buffer overflow */
+	assert(b < endof(_userstring));
+
 	DrawStringMultiLine(str_x, str_y, STR_SPEC_USERSTRING, 144);
 }
 
diff --git a/src/station_gui.cpp b/src/station_gui.cpp
--- a/src/station_gui.cpp
+++ b/src/station_gui.cpp
@@ -807,7 +807,7 @@ static void DrawStationViewWindow(Window
 		b = InlineString(b, STR_000C_ACCEPTS);
 
 		for (CargoID i = 0; i < NUM_CARGO; i++) {
-			if (b >= endof(_userstring) - 5 - 1) break;
+			if (b >= lastof(_userstring) - (1 + 2 * 4)) break; // ',' or ' ' and two calls to Utf8Encode()
 			if (HasBit(st->goods[i].acceptance_pickup, GoodsEntry::ACCEPTANCE)) {
 				if (first) {
 					first = false;
@@ -824,6 +824,10 @@ static void DrawStationViewWindow(Window
 		if (first) b = InlineString(b, STR_00D0_NOTHING);
 
 		*b = '\0';
+
+		/* Make sure we detect any buffer overflow */
+		assert(b < endof(_userstring));
+
 		DrawStringMultiLine(2, 67, STR_SPEC_USERSTRING, 245);
 	} else { // extended window with list of cargo ratings
 		DrawString(2, 67, STR_3034_LOCAL_RATING_OF_TRANSPORT, TC_FROMSTRING);
diff --git a/src/vehicle_gui.cpp b/src/vehicle_gui.cpp
--- a/src/vehicle_gui.cpp
+++ b/src/vehicle_gui.cpp
@@ -506,6 +506,8 @@ uint ShowRefitOptionsList(int x, int y, 
 		for (CargoID cid = 0; cid < NUM_CARGO; cid++) {
 			if (!HasBit(cmask, cid)) continue;
 
+			if (b >= lastof(_userstring) - (2 + 2 * 4)) break; // ", " and two calls to Utf8Encode()
+
 			if (!first) b = strecpy(b, ", ", lastof(_userstring));
 			first = false;
 
@@ -515,6 +517,10 @@ uint ShowRefitOptionsList(int x, int y, 
 
 	/* Terminate and display the completed string */
 	*b = '\0';
+
+	/* Make sure we detect any buffer overflow */
+	assert(b < endof(_userstring));
+
 	return DrawStringMultiLine(x, y, STR_SPEC_USERSTRING, w);
 }