$NetBSD: patch-ad,v 1.1.1.1 2003/06/23 13:55:24 agc Exp $
Minor security audit
--- tcx.c 2003/06/20 10:44:29 1.1
+++ tcx.c 2003/06/20 10:45:54
@@ -120,16 +120,16 @@
/* If cannot, warn user and quit */ if(strrchr(argv[1], '/') == NULL)
- (void)sprintf(tofile, ".tcx.%s", argv[1]);
+ (void)snprintf(tofile, sizeof(tofile), ".tcx.%s", argv[1]);
else {
- (void)strcpy(tofile, argv[1]);
+ (void)strlcpy(tofile, argv[1], sizeof(tofile));
s = strrchr(tofile, '/'); *s = '\0';
- (void)strcat(tofile, "/.tcx.");
+ (void)strlcat(tofile, "/.tcx.", sizeof(tofile));
s = strrchr(argv[1], '/'); s++;
- (void)strcat(tofile, s);
+ (void)strlcat(tofile, s, sizeof(tofile));
} lck.l_type = F_WRLCK; lck.l_whence = 0; lck.l_start = 0; lck.l_len = 0;
@@ -213,7 +213,7 @@
/* Spit out header and start encoding executable */
- (void)sprintf(header, "#!%s\n", PATHUNTCX);
+ (void)snprintf(header, sizeof(header), "#!%s\n", PATHUNTCX);
if(write(outfd, header, strlen(header)) < 0) { (void)perror("write"); exit(-1); } c = 0; if((write(outfd, &c, 1)) < 0) { (void)perror("write"); exit(-1); }
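Review bot: In the else branch, `s = strrchr(tofile, '/'); *s = '\0';` can now dereference NULL: if argv[1] is longer than tofile and its only '/' lies past the truncation point, strlcpy leaves tofile without a slash and strrchr returns NULL. The bounded calls stop the overflow, but every result is cast to void, so truncation goes unnoticed and tofile silently names a different path than the one requested. Reject overlong input instead, e.g. `if(strlcpy(tofile, argv[1], sizeof(tofile)) >= sizeof(tofile)) { (void)fprintf(stderr, "%s: path too long\n", argv[1]); exit(-1); }`, and apply the same return-value test to the snprintf and strlcat calls here and to the snprintf in the @@ -213 hunk. `sizeof(tofile)` is only correct if tofile is an array rather than a pointer; its declaration is outside the hunk.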
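Review bot: The `write(outfd, header, strlen(header)) < 0` test on the line after the new snprintf treats a short write as success, so a partially written `#!` header would go undetected in the output file. Compare the return value with the requested length, e.g. `if(write(outfd, header, strlen(header)) != (ssize_t)strlen(header)) { (void)perror("write"); exit(-1); }`. The enclosing function starts and ends outside the hunk.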