$NetBSD: patch-ai,v 1.5 2006/08/24 22:02:02 salo Exp $ --- src/display.c.orig 2003-09-04 17:54:02.000000000 +0200 +++ src/display.c 2006-08-24 23:37:28.000000000 +0200 @@ -216,7 +216,7 @@ display(void) disprefs < mdisprefs && screenline <= lastdispline; ++disprefs, ++screenline) { /* read the reference line */ - if (fscanf(refsfound, "%s%s%s %[^\n]", file, function, + if (fscanf(refsfound, "%" PATHLEN_STR "s%" PATHLEN_STR "s%" NUMLEN_STR "s %" TEMPSTRING_LEN_STR "[^\n]", file, function, linenum, tempstring) < 4) { break; } @@ -473,24 +473,24 @@ search(void) /* see if it is empty */ if ((c = getc(refsfound)) == EOF) { if (findresult != NULL) { - (void) sprintf(lastmsg, "Egrep %s in this pattern: %s", + (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s", findresult, pattern); } else if (rc == NOTSYMBOL) { - (void) sprintf(lastmsg, "This is not a C symbol: %s", + (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s", pattern); } else if (rc == REGCMPERROR) { - (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s", + (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s", pattern); } else if (funcexist == NO) { - (void) sprintf(lastmsg, "Function definition does not exist: %s", + (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s", pattern); } else { - (void) sprintf(lastmsg, "Could not find the %s: %s", + (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s", fields[field].text2, pattern); } return(NO); @@ -555,17 +555,17 @@ progress(char *what, long current, long move(MSGLINE, 0); clrtoeol(); addstr(what); - sprintf(msg, "%ld", current); + snprintf(msg, sizeof(msg), "%ld", current); move(MSGLINE, (COLS / 2) - (strlen(msg) / 2)); addstr(msg); - sprintf(msg, "%ld", max); + snprintf(msg, sizeof(msg), "%ld", max); move(MSGLINE, COLS - strlen(msg)); addstr(msg); refresh(); } else if (verbosemode == YES) { - sprintf(msg, "> %s %ld of %ld", what, current, max); + snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max); } start = now; @@ -603,7 +603,7 @@ myperror(char *text) s = sys_errlist[errno]; } #endif - (void) sprintf(msg, "%s: %s", text, s); + (void) snprintf(msg, sizeof(msg), "%s: %s", text, s); postmsg(msg); }