$NetBSD: patch-ae,v 1.2 2006/08/06 20:49:52 mjl Exp $ --- sserver.cpp.orig 2003-03-07 20:22:13.000000000 +0100 +++ sserver.cpp 2006-08-06 22:45:30.000000000 +0200 @@ -52,7 +52,7 @@ char a_grabname[256]; char a_vpid[20]; char a_apid[20]; - char a_filename[256]; + char a_filename[PATH_MAX]; char a_path[256]=""; char a_host[256]; int i,n; @@ -169,10 +169,10 @@ sprintf(a_vpid,"0x%03x",recdata.vpid); sprintf(a_apid,"0x%03x",recdata.apid); - strcpy (a_filename,a_path); + strlcpy (a_filename,a_path, sizeof(a_filename)); if (strlen(a_filename)) { - strcat(a_filename,"/"); + strlcat(a_filename, "/", sizeof(a_filename)); } if (strlen(recdata.channelname) > 0) @@ -185,8 +185,8 @@ } } while (*p_act); - strcat(a_filename, recdata.channelname); - strcat(a_filename, "_"); + strlcat(a_filename, recdata.channelname, sizeof(a_filename)); + strlcat(a_filename, "_", sizeof(a_filename)); } if (strlen(recdata.epgtitle) > 0) @@ -206,13 +206,13 @@ } } while (*p_act++); - strcat(a_filename, recdata.epgtitle); - strcat(a_filename, "_"); + strlcat(a_filename, recdata.epgtitle, sizeof(a_filename)); + strlcat(a_filename, "_", sizeof(a_filename)); } t = time (&t); - strftime (buf, sizeof(a_filename)-1, "%Y%m%d_%H%M%S", localtime(&t)); - strcat(a_filename, buf); + strftime (buf, 20, "%Y%m%d_%H%M%S", localtime(&t)); + strlcat(a_filename, buf, sizeof(a_filename)); pid = fork(); if (pid == -1) {