diff options
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/calendar/io.c | 9 | ||||
| -rw-r--r-- | usr.bin/cdio/cddb.c | 10 | ||||
| -rw-r--r-- | usr.bin/hexdump/conv.c | 6 | ||||
| -rw-r--r-- | usr.bin/less/charset.c | 10 | ||||
| -rw-r--r-- | usr.bin/less/filename.c | 20 | ||||
| -rw-r--r-- | usr.bin/less/option.c | 4 | ||||
| -rw-r--r-- | usr.bin/less/os.c | 10 | ||||
| -rw-r--r-- | usr.bin/man/man.c | 11 | ||||
| -rw-r--r-- | usr.bin/msgs/msgs.c | 13 | ||||
| -rw-r--r-- | usr.bin/netstat/inet6.c | 18 | ||||
| -rw-r--r-- | usr.bin/rpcgen/rpc_cout.c | 22 | ||||
| -rw-r--r-- | usr.bin/tftp/main.c | 24 | ||||
| -rw-r--r-- | usr.bin/vacation/vacation.c | 6 | ||||
| -rw-r--r-- | usr.bin/yacc/reader.c | 4 |
14 files changed, 91 insertions, 76 deletions
diff --git a/usr.bin/calendar/io.c b/usr.bin/calendar/io.c index 4dbbcfbf3bb..b52e728ba14 100644 --- a/usr.bin/calendar/io.c +++ b/usr.bin/calendar/io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: io.c,v 1.21 2002/12/18 20:34:44 mickey Exp $ */ +/* $OpenBSD: io.c,v 1.22 2003/03/13 09:09:29 deraadt Exp $ */ /* * Copyright (c) 1989, 1993, 1994 @@ -43,7 +43,7 @@ static const char copyright[] = #if 0 static const char sccsid[] = "@(#)calendar.c 8.3 (Berkeley) 3/25/94"; #else -static char rcsid[] = "$OpenBSD: io.c,v 1.21 2002/12/18 20:34:44 mickey Exp $"; +static char rcsid[] = "$OpenBSD: io.c,v 1.22 2003/03/13 09:09:29 deraadt Exp $"; #endif #endif /* not lint */ @@ -178,10 +178,11 @@ cal(void) if (m->bodun && prefix) { int l1 = strlen(prefix); int l2 = strlen(p); + int len = l1 + l2 + 2; if ((cur_evt->ldesc = - malloc(l1 + l2 + 2)) == NULL) + malloc(len)) == NULL) err(1, "malloc"); - sprintf(cur_evt->ldesc, + snprintf(cur_evt->ldesc, len, "\t%s %s", prefix, p + 1); } else if ((cur_evt->ldesc = strdup(p)) == NULL) diff --git a/usr.bin/cdio/cddb.c b/usr.bin/cdio/cddb.c index d7e8e75218d..4b9c91906e3 100644 --- a/usr.bin/cdio/cddb.c +++ b/usr.bin/cdio/cddb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cddb.c,v 1.5 2002/12/14 21:28:08 espie Exp $ */ +/* $OpenBSD: cddb.c,v 1.6 2003/03/13 09:09:29 deraadt Exp $ */ /* * Copyright (c) 2002 Marc Espie. * @@ -79,7 +79,7 @@ send_hello(FILE *cout) char hostname[MAXHOSTNAMELEN]; if (gethostname(hostname, sizeof(hostname)) == -1) - strcpy(hostname, "unknown"); + strlcpy(hostname, "unknown", sizeof hostname); fprintf(cout, "CDDB HELLO %s %s cdio " VERSION "\r\n", getlogin(), hostname); fflush(cout); @@ -106,11 +106,11 @@ safe_copy(char **p, const char *title) if (*p == NULL) *p = strdup(copy_buffer); else { - char *n = malloc(strlen(*p) + strlen(copy_buffer) + 1); + int len = strlen(*p) + strlen(copy_buffer) + 1; + char *n = malloc(len); if (n == NULL) return; - strcpy(n, *p); - strcat(n, copy_buffer); + snprintf(n, len, "%s%s", *p, copy_buffer); free(*p); *p = n; } diff --git a/usr.bin/hexdump/conv.c b/usr.bin/hexdump/conv.c index 5c2e0da330d..7c9c6e7e944 100644 --- a/usr.bin/hexdump/conv.c +++ b/usr.bin/hexdump/conv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conv.c,v 1.4 2001/12/30 08:17:32 pvalchev Exp $ */ +/* $OpenBSD: conv.c,v 1.5 2003/03/13 09:09:31 deraadt Exp $ */ /* $NetBSD: conv.c,v 1.7 2001/12/07 15:14:29 bjh21 Exp $ */ /* @@ -36,7 +36,7 @@ #ifndef lint /*static char sccsid[] = "from: @(#)conv.c 5.4 (Berkeley) 6/1/90";*/ -static char rcsid[] = "$OpenBSD: conv.c,v 1.4 2001/12/30 08:17:32 pvalchev Exp $"; +static char rcsid[] = "$OpenBSD: conv.c,v 1.5 2003/03/13 09:09:31 deraadt Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -91,7 +91,7 @@ conv_c(pr, p) *pr->cchar = 'c'; (void)printf(pr->fmt, *p); } else { - (void)sprintf(buf, "%03o", (int)*p); + (void)snprintf(buf, sizeof buf, "%03o", (int)*p); str = buf; strpr: *pr->cchar = 's'; (void)printf(pr->fmt, str); diff --git a/usr.bin/less/charset.c b/usr.bin/less/charset.c index 04b4f83ed4a..979435e283b 100644 --- a/usr.bin/less/charset.c +++ b/usr.bin/less/charset.c @@ -1,4 +1,4 @@ -/* $OpenBSD: charset.c,v 1.3 2001/11/19 19:02:14 mpech Exp $ */ +/* $OpenBSD: charset.c,v 1.4 2003/03/13 09:09:32 deraadt Exp $ */ /* * Copyright (c) 1984,1985,1989,1994,1995 Mark Nudelman @@ -278,12 +278,12 @@ prchar(c) c &= 0377; if (!control_char(c)) - sprintf(buf, "%c", c); + snprintf(buf, sizeof buf, "%c", c); else if (c == ESC) - sprintf(buf, "ESC"); + snprintf(buf, sizeof buf, "ESC"); else if (c < 128 && !control_char(c ^ 0100)) - sprintf(buf, "^%c", c ^ 0100); + snprintf(buf, sizeof buf, "^%c", c ^ 0100); else - sprintf(buf, binfmt, c); + snprintf(buf, sizeof buf, binfmt, c); return (buf); } diff --git a/usr.bin/less/filename.c b/usr.bin/less/filename.c index 28bacff3278..71dc429e756 100644 --- a/usr.bin/less/filename.c +++ b/usr.bin/less/filename.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filename.c,v 1.3 2001/11/19 19:02:14 mpech Exp $ */ +/* $OpenBSD: filename.c,v 1.4 2003/03/13 09:09:32 deraadt Exp $ */ /* * Copyright (c) 1984,1985,1989,1994,1995 Mark Nudelman @@ -51,21 +51,21 @@ dirfile(dirname, filename) char *filename; { char *pathname; - int f; + int f, len; if (dirname == NULL || *dirname == '\0') return (NULL); /* * Construct the full pathname. */ - pathname = (char *) calloc(strlen(dirname) + strlen(filename) + 2, - sizeof(char)); + len = strlen(dirname) + strlen(filename) + 2; + pathname = (char *) calloc(len, sizeof(char)); if (pathname == NULL) return (NULL); #if MSOFTC || OS2 sprintf(pathname, "%s\\%s", dirname, filename); #else - sprintf(pathname, "%s/%s", dirname, filename); + snprintf(pathname, len, "%s/%s", dirname, filename); #endif /* * Make sure the file exists. @@ -239,7 +239,7 @@ fcomplete(s) sprintf(fpat, "%s*", s); #else fpat = (char *) ecalloc(strlen(s)+2, sizeof(char)); - sprintf(fpat, "%s*", s); + snprintf(fpat, strlen(s)+2, "%s*", s); #endif s = glob(fpat); if (strcmp(s,fpat) == 0) @@ -360,7 +360,7 @@ shellcmd(cmd, s1, s2) (s1 == NULL ? 0 : strlen(s1)) + (s2 == NULL ? 0 : strlen(s2)) + 1; scmd = (char *) ecalloc(len, sizeof(char)); - sprintf(scmd, cmd, s1, s2); + snprintf(scmd, len, cmd, s1, s2); #if HAVE_SHELL shell = getenv("SHELL"); if (shell != NULL && *shell != '\0') @@ -368,9 +368,9 @@ shellcmd(cmd, s1, s2) /* * Read the output of <$SHELL -c "cmd">. */ - scmd2 = (char *) ecalloc(strlen(shell) + strlen(scmd) + 7, - sizeof(char)); - sprintf(scmd2, "%s -c \"%s\"", shell, scmd); + len = strlen(shell) + strlen(scmd) + 7; + scmd2 = (char *) ecalloc(len, sizeof(char)); + snprintf(scmd2, len, "%s -c \"%s\"", shell, scmd); free(scmd); scmd = scmd2; } diff --git a/usr.bin/less/option.c b/usr.bin/less/option.c index ad44cb60af6..694c2baac70 100644 --- a/usr.bin/less/option.c +++ b/usr.bin/less/option.c @@ -1,4 +1,4 @@ -/* $OpenBSD: option.c,v 1.3 2001/11/19 19:02:14 mpech Exp $ */ +/* $OpenBSD: option.c,v 1.4 2003/03/13 09:09:32 deraadt Exp $ */ /* * Copyright (c) 1984,1985,1989,1994,1995 Mark Nudelman @@ -408,7 +408,7 @@ propt(c) { static char buf[8]; - sprintf(buf, "-%s", prchar(c)); + snprintf(buf, sizeof buf, "-%s", prchar(c)); return (buf); } diff --git a/usr.bin/less/os.c b/usr.bin/less/os.c index 27953952806..c4235f81979 100644 --- a/usr.bin/less/os.c +++ b/usr.bin/less/os.c @@ -1,4 +1,4 @@ -/* $OpenBSD: os.c,v 1.4 2001/11/19 19:02:14 mpech Exp $ */ +/* $OpenBSD: os.c,v 1.5 2003/03/13 09:09:32 deraadt Exp $ */ /* * Copyright (c) 1984,1985,1989,1994,1995 Mark Nudelman @@ -162,7 +162,7 @@ strerror(err) if (err < sys_nerr) return sys_errlist[err]; - sprintf(buf, "Error %d", err); + snprintf(buf, sizeof buf, "Error %d", err); return buf; #else return ("cannot open"); @@ -179,14 +179,16 @@ errno_message(filename) { char *p; char *m; + int len; #if HAVE_ERRNO extern int errno; p = strerror(errno); #else p = "cannot open"; #endif - m = (char *) ecalloc(strlen(filename) + strlen(p) + 3, sizeof(char)); - sprintf(m, "%s: %s", filename, p); + len = strlen(filename) + strlen(p) + 3; + m = (char *) ecalloc(len, sizeof(char)); + snprintf(m, len, "%s: %s", filename, p); return (m); } diff --git a/usr.bin/man/man.c b/usr.bin/man/man.c index e4ffe0e03ca..21177aa6e46 100644 --- a/usr.bin/man/man.c +++ b/usr.bin/man/man.c @@ -1,4 +1,4 @@ -/* $OpenBSD: man.c,v 1.23 2002/12/08 16:50:07 millert Exp $ */ +/* $OpenBSD: man.c,v 1.24 2003/03/13 09:09:32 deraadt Exp $ */ /* $NetBSD: man.c,v 1.7 1995/09/28 06:05:34 tls Exp $ */ /* @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)man.c 8.17 (Berkeley) 1/31/95"; #else -static char rcsid[] = "$OpenBSD: man.c,v 1.23 2002/12/08 16:50:07 millert Exp $"; +static char rcsid[] = "$OpenBSD: man.c,v 1.24 2003/03/13 09:09:32 deraadt Exp $"; #endif #endif /* not lint */ @@ -696,6 +696,7 @@ static char * check_pager(char *name) { char *p, *save; + int len; /* * if the user uses "more", we make it "more -s"; watch out for @@ -712,10 +713,10 @@ check_pager(char *name) if (!strncmp(p, "more", 4) && (!p[4] || isspace(p[4]))){ save = name; /* allocate space to add the "-s" */ - if (!(name = - malloc(strlen(save) + 1 + sizeof("-s")))) + len = strlen(save) + 1 + sizeof("-s"); + if (!(name =malloc(len))) err(1, NULL); - (void)sprintf(name, "%s %s", save, "-s"); + (void)snprintf(name, len, "%s %s", save, "-s"); } return(name); } diff --git a/usr.bin/msgs/msgs.c b/usr.bin/msgs/msgs.c index a63bd906d44..15f6ce22eb5 100644 --- a/usr.bin/msgs/msgs.c +++ b/usr.bin/msgs/msgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msgs.c,v 1.23 2002/08/08 11:55:07 ho Exp $ */ +/* $OpenBSD: msgs.c,v 1.24 2003/03/13 09:09:33 deraadt Exp $ */ /* $NetBSD: msgs.c,v 1.7 1995/09/28 06:57:40 tls Exp $ */ /*- @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)msgs.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: msgs.c,v 1.23 2002/08/08 11:55:07 ho Exp $"; +static char rcsid[] = "$OpenBSD: msgs.c,v 1.24 2003/03/13 09:09:33 deraadt Exp $"; #endif #endif /* not lint */ @@ -145,7 +145,7 @@ void prmesg(int); void onintr(int); void onsusp(int); int linecnt(FILE *); -int next(char *); +int next(char *, int); void ask(char *); void gfrsub(FILE *); char *nxtfld(char *); @@ -590,7 +590,7 @@ cmnd: break; } if (isdigit(*in)) { - msg = next(in); + msg = next(in, sizeof inbuf); sep = in; break; } @@ -742,12 +742,13 @@ linecnt(f) } int -next(buf) +next(buf, len) char *buf; + int len; { int i; sscanf(buf, "%d", &i); - sprintf(buf, "Goto %d", i); + snprintf(buf, len, "Goto %d", i); return(--i); } diff --git a/usr.bin/netstat/inet6.c b/usr.bin/netstat/inet6.c index be54955a356..f9e4a6cc487 100644 --- a/usr.bin/netstat/inet6.c +++ b/usr.bin/netstat/inet6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: inet6.c,v 1.25 2003/02/01 01:51:31 deraadt Exp $ */ +/* $OpenBSD: inet6.c,v 1.26 2003/03/13 09:09:33 deraadt Exp $ */ /* BSDI inet.c,v 2.3 1995/10/24 02:19:29 prb Exp */ /* * Copyright (c) 1983, 1988, 1993 @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)inet.c 8.4 (Berkeley) 4/20/94"; #else -/*__RCSID("$OpenBSD: inet6.c,v 1.25 2003/02/01 01:51:31 deraadt Exp $");*/ +/*__RCSID("$OpenBSD: inet6.c,v 1.26 2003/03/13 09:09:33 deraadt Exp $");*/ /*__RCSID("KAME Id: inet6.c,v 1.10 2000/02/09 10:49:31 itojun Exp");*/ #endif #endif /* not lint */ @@ -1044,21 +1044,27 @@ inet6print(struct in6_addr *in6, int port, char *proto) struct servent *sp = 0; char line[80], *cp; int width; + int len = sizeof line; width = Aflag ? 12 : 16; if (vflag && width < strlen(inet6name(in6))) width = strlen(inet6name(in6)); - snprintf(line, sizeof line, "%.*s.", width, inet6name(in6)); - cp = strchr(line, '\0'); + snprintf(line, len, "%.*s.", width, inet6name(in6)); + len -= strlen(line); + if (len <= 0) + goto bail; + + cp += len; if (!nflag && port) GETSERVBYPORT6(port, proto, sp); if (sp || port == 0) - sprintf(cp, "%.8s", sp ? sp->s_name : "*"); + snprintf(cp, len, "%.8s", sp ? sp->s_name : "*"); else - sprintf(cp, "%d", ntohs((u_short)port)); + snprintf(cp, len, "%d", ntohs((u_short)port)); width = Aflag ? 18 : 22; if (vflag && width < strlen(line)) width = strlen(line); +bail: printf(" %-*.*s", width, width, line); } diff --git a/usr.bin/rpcgen/rpc_cout.c b/usr.bin/rpcgen/rpc_cout.c index 6430b78249f..be22d6a5982 100644 --- a/usr.bin/rpcgen/rpc_cout.c +++ b/usr.bin/rpcgen/rpc_cout.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rpc_cout.c,v 1.13 2002/07/05 05:39:42 deraadt Exp $ */ +/* $OpenBSD: rpc_cout.c,v 1.14 2003/03/13 09:09:34 deraadt Exp $ */ /* $NetBSD: rpc_cout.c,v 1.6 1996/10/01 04:13:53 cgd Exp $ */ /* * Sun RPC is a product of Sun Microsystems, Inc. and is provided for @@ -354,17 +354,19 @@ emit_union(def) continue; cs = &cl->case_decl; if (!streq(cs->type, "void")) { - object = alloc(strlen(def->def_name) + strlen(format) + - strlen(cs->name) + 1); + int len = strlen(def->def_name) + strlen(format) + + strlen(cs->name) + 1; + + object = alloc(len); if (object == NULL) { fprintf(stderr, "Fatal error : no memory\n"); crash(); } if (isvectordef(cs->type, cs->rel)) { - sprintf(object, vecformat, def->def_name, + snprintf(object, len, vecformat, def->def_name, cs->name); } else { - sprintf(object, format, def->def_name, + snprintf(object, len, format, def->def_name, cs->name); } print_ifstat(2, cs->prefix, cs->type, cs->rel, cs->array_max, @@ -376,18 +378,20 @@ emit_union(def) dflt = def->def.un.default_decl; if (dflt != NULL) { if (!streq(dflt->type, "void")) { + int len = strlen(def->def_name) + strlen(format) + + strlen(dflt->name) + 1; + fprintf(fout, "\tdefault:\n"); - object = alloc(strlen(def->def_name) + strlen(format) + - strlen(dflt->name) + 1); + object = alloc(len); if (object == NULL) { fprintf(stderr, "Fatal error : no memory\n"); crash(); } if (isvectordef(dflt->type, dflt->rel)) { - sprintf(object, vecformat, def->def_name, + snprintf(object, len, vecformat, def->def_name, dflt->name); } else { - sprintf(object, format, def->def_name, + snprintf(object, len, format, def->def_name, dflt->name); } diff --git a/usr.bin/tftp/main.c b/usr.bin/tftp/main.c index 574b1983aba..5f0f6756519 100644 --- a/usr.bin/tftp/main.c +++ b/usr.bin/tftp/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.10 2002/02/16 21:27:55 millert Exp $ */ +/* $OpenBSD: main.c,v 1.11 2003/03/13 09:09:35 deraadt Exp $ */ /* $NetBSD: main.c,v 1.6 1995/05/21 16:54:10 mycroft Exp $ */ /* @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93"; #endif -static char rcsid[] = "$OpenBSD: main.c,v 1.10 2002/02/16 21:27:55 millert Exp $"; +static char rcsid[] = "$OpenBSD: main.c,v 1.11 2003/03/13 09:09:35 deraadt Exp $"; #endif /* not lint */ /* Many bug fixes are from Jim Guyton <guyton@rand-unix> */ @@ -172,7 +172,7 @@ main(argc, argv) s_in.sin_family = AF_INET; if (bind(f, (struct sockaddr *)&s_in, sizeof (s_in)) < 0) err(1, "tftp: bind"); - strcpy(mode, "netascii"); + strlcpy(mode, "netascii", sizeof mode); signal(SIGINT, intr); if (argc > 1) { if (setjmp(toplevel) != 0) @@ -195,7 +195,7 @@ setpeer(argc, argv) struct hostent *host; if (argc < 2) { - strcpy(line, "Connect "); + strlcpy(line, "Connect ", sizeof line); printf("(to) "); fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); if (makeargv()) @@ -220,7 +220,7 @@ setpeer(argc, argv) } peeraddr.sin_family = host->h_addrtype; bcopy(host->h_addr, &peeraddr.sin_addr, host->h_length); - (void) strcpy(hostname, host->h_name); + (void) strlcpy(hostname, host->h_name, sizeof hostname); } port = sp->s_port; if (argc == 3) { @@ -305,7 +305,7 @@ static void settftpmode(newmode) char *newmode; { - strcpy(mode, newmode); + strlcpy(mode, newmode, sizeof mode); if (verbose) printf("mode set to %s\n", mode); } @@ -324,7 +324,7 @@ put(argc, argv) char *cp, *targ; if (argc < 2) { - strcpy(line, "send "); + strlcpy(line, "send ", sizeof line); printf("(file) "); fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); if (makeargv()) @@ -357,7 +357,7 @@ put(argc, argv) bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr, hp->h_length); peeraddr.sin_family = hp->h_addrtype; connected = 1; - strcpy(hostname, hp->h_name); + strlcpy(hostname, hp->h_name, sizeof hostname); } if (!connected) { printf("No target machine specified.\n"); @@ -418,7 +418,7 @@ get(argc, argv) char *src; if (argc < 2) { - strcpy(line, "get "); + strlcpy(line, "get ", sizeof line); printf("(files) "); fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); if (makeargv()) @@ -454,7 +454,7 @@ get(argc, argv) hp->h_length); peeraddr.sin_family = hp->h_addrtype; connected = 1; - strcpy(hostname, hp->h_name); + strlcpy(hostname, hp->h_name, sizeof hostname); } if (argc < 4) { cp = argc == 3 ? argv[2] : tail(src); @@ -502,7 +502,7 @@ setrexmt(argc, argv) int t; if (argc < 2) { - strcpy(line, "Rexmt-timeout "); + strlcpy(line, "Rexmt-timeout ", sizeof line); printf("(value) "); fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); if (makeargv()) @@ -531,7 +531,7 @@ settimeout(argc, argv) int t; if (argc < 2) { - strcpy(line, "Maximum-timeout "); + strlcpy(line, "Maximum-timeout ", sizeof line); printf("(value) "); fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); if (makeargv()) diff --git a/usr.bin/vacation/vacation.c b/usr.bin/vacation/vacation.c index df8edaa2e31..c301b89e1da 100644 --- a/usr.bin/vacation/vacation.c +++ b/usr.bin/vacation/vacation.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vacation.c,v 1.17 2002/02/16 21:27:56 millert Exp $ */ +/* $OpenBSD: vacation.c,v 1.18 2003/03/13 09:09:36 deraadt Exp $ */ /* $NetBSD: vacation.c,v 1.7 1995/04/29 05:58:27 cgd Exp $ */ /* @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)vacation.c 8.2 (Berkeley) 1/26/94"; #endif -static char rcsid[] = "$OpenBSD: vacation.c,v 1.17 2002/02/16 21:27:56 millert Exp $"; +static char rcsid[] = "$OpenBSD: vacation.c,v 1.18 2003/03/13 09:09:36 deraadt Exp $"; #endif /* not lint */ /* @@ -224,7 +224,7 @@ readheaders() for (p = buf + 5; *p && *p != ' '; ++p) ; *p = '\0'; - (void)strcpy(from, buf + 5); + (void)strlcpy(from, buf + 5, sizeof from); if ((p = strchr(from, '\n'))) *p = '\0'; if (junkmail()) diff --git a/usr.bin/yacc/reader.c b/usr.bin/yacc/reader.c index 4cc0a181dca..25eff52cca8 100644 --- a/usr.bin/yacc/reader.c +++ b/usr.bin/yacc/reader.c @@ -1,4 +1,4 @@ -/* $OpenBSD: reader.c,v 1.11 2002/06/14 21:35:00 todd Exp $ */ +/* $OpenBSD: reader.c,v 1.12 2003/03/13 09:09:37 deraadt Exp $ */ /* $NetBSD: reader.c,v 1.5 1996/03/19 03:21:43 jtc Exp $ */ @@ -1275,7 +1275,7 @@ insert_empty_rule() bucket *bp, **bpp; assert(cache); - sprintf(cache, "$$%d", ++gensym); + snprintf(cache, cache_size, "$$%d", ++gensym); bp = make_bucket(cache); last_symbol->next = bp; last_symbol = bp; |