$OpenBSD: patch-src_cfenvd_c,v 1.2 2004/08/08 14:02:11 sturm Exp $
--- src/cfenvd.c.orig	Fri Jun 18 06:43:37 2004
+++ src/cfenvd.c	Mon Aug  2 13:30:33 2004
@@ -188,10 +188,10 @@ void CheckOptsAndInit(int argc,char **ar
  int c, i,j,k;
 
 umask(077);
-sprintf(VPREFIX,"cfenvd"); 
+(void)snprintf(VPREFIX,40,"cfenvd"); 
 openlog(VPREFIX,LOG_PID|LOG_NOWAIT|LOG_ODELAY,LOG_DAEMON);
 
-strcpy(CFLOCK,"cfenvd");
+(void)strlcpy(CFLOCK,"cfenvd",sizeof(CFLOCK));
  
 IGNORELOCK = false; 
 OUTPUT[0] = '\0';
@@ -242,18 +242,18 @@ while ((c=getopt_long(argc,argv,"d:vhHFV
 
 LOGGING = true;                    /* Do output to syslog */
  
-sprintf(VBUFF,"%s/test",WORKDIR);
+(void)snprintf(VBUFF,sizeof(VBUFF),"%s/test",WORKDIR);
 MakeDirectoriesFor(VBUFF,'y');
-sprintf(VBUFF,"%s/state/test",WORKDIR);
+(void)snprintf(VBUFF,sizeof(VBUFF),"%s/state/test",WORKDIR);
 MakeDirectoriesFor(VBUFF,'y');
 strncpy(VLOCKDIR,WORKDIR,CF_BUFSIZE-1);
 strncpy(VLOGDIR,WORKDIR,CF_BUFSIZE-1);
 
 for (i = 0; i < ATTR; i++)
    {
-   sprintf(VBUFF,"%s/state/cf_incoming.%s",WORKDIR,ECGSOCKS[i][1]);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"%s/state/cf_incoming.%s",WORKDIR,ECGSOCKS[i][1]);
    CreateEmptyFile(VBUFF);
-   sprintf(VBUFF,"%s/state/cf_outgoing.%s",WORKDIR,ECGSOCKS[i][1]);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"%s/state/cf_outgoing.%s",WORKDIR,ECGSOCKS[i][1]);
    CreateEmptyFile(VBUFF);
    }
 
@@ -263,13 +263,13 @@ for (i = 0; i < CF_NETATTR; i++)
    NETOUT_DIST[i] = NULL;
    }
  
-sprintf(VBUFF,"%s/state/cf_users",WORKDIR);
+(void)snprintf(VBUFF,sizeof(VBUFF),"%s/state/cf_users",WORKDIR);
 CreateEmptyFile(VBUFF);
  
-snprintf(AVDB,CF_BUFSIZE,"%s/state/%s",WORKDIR,CF_AVDB_FILE);
-snprintf(STATELOG,CF_BUFSIZE,"%s/state/%s",WORKDIR,CF_STATELOG_FILE);
-snprintf(ENV_NEW,CF_BUFSIZE,"%s/state/%s",WORKDIR,CF_ENVNEW_FILE);
-snprintf(ENV,CF_BUFSIZE,"%s/state/%s",WORKDIR,CF_ENV_FILE);
+snprintf(AVDB,sizeof(AVDB),"%s/state/%s",WORKDIR,CF_AVDB_FILE);
+snprintf(STATELOG,sizeof(AVDB),"%s/state/%s",WORKDIR,CF_STATELOG_FILE);
+snprintf(ENV_NEW,sizeof(AVDB),"%s/state/%s",WORKDIR,CF_ENVNEW_FILE);
+snprintf(ENV,sizeof(AVDB),"%s/state/%s",WORKDIR,CF_ENV_FILE);
 
 if (!BATCH_MODE)
    {
@@ -459,7 +459,7 @@ void StartServer(int argc,char **argv)
 
 if ((!NO_FORK) && (fork() != 0))
    {
-   sprintf(OUTPUT,"cfenvd: starting\n");
+   (void)snprintf(OUTPUT,sizeof(OUTPUT),"cfenvd: starting\n");
    CfLog(cfinform,OUTPUT,"");
    exit(0);
    }
@@ -625,7 +625,7 @@ if ((now = time((time_t *)NULL)) == -1)
    exit(1);
    }
 
-sprintf(str,"%s",ctime(&now));
+(void)snprintf(str,sizeof(str),"%s",ctime(&now));
 
 return ConvTimeKey(str); 
 }
@@ -791,14 +791,14 @@ SetVariable("loadavg",LOADAVG,av.expect_
 for (i = 0; i < ATTR; i++)
    {
    char name[256];
-   strcpy(name,ECGSOCKS[i][1]);
-   strcat(name,"_in");
+   (void)strlcpy(name,ECGSOCKS[i][1],sizeof(name));
+   (void)strlcat(name,"_in",sizeof(name));
    
    sig = SetClasses(name,INCOMING[i],av.expect_incoming[i],av.var_incoming[i],LOCALAV.expect_incoming[i],LOCALAV.var_incoming[i],&classlist,timekey);
    SetVariable(name,INCOMING[i],av.expect_incoming[i],sig,&classlist);
 
-   strcpy(name,ECGSOCKS[i][1]);
-   strcat(name,"_out");
+   (void)strlcpy(name,ECGSOCKS[i][1],sizeof(name));
+   (void)strlcat(name,"_out",sizeof(name));
 
    sig = SetClasses(name,OUTGOING[i],av.expect_outgoing[i],av.var_outgoing[i],LOCALAV.expect_outgoing[i],LOCALAV.var_outgoing[i],&classlist,timekey);
    SetVariable(name,OUTGOING[i],av.expect_outgoing[i],sig,&classlist);
@@ -818,13 +818,13 @@ for (i = 0; i < PH_LIMIT; i++)
 for (i = 0; i < CF_NETATTR; i++)
    {
    char name[256];
-   strcpy(name,TCPNAMES[i]);
-   strcat(name,"_in");
+   (void)strlcpy(name,TCPNAMES[i],sizeof(name));
+   (void)strlcat(name,"_in",sizeof(name));
    sig = SetClasses(name,NETIN[i],av.expect_netin[i],av.var_netin[i],LOCALAV.expect_netin[i],LOCALAV.var_netin[i],&classlist,timekey);
    SetVariable(name,NETIN[i],av.expect_netin[i],sig,&classlist);
 
-   strcpy(name,TCPNAMES[i]);
-   strcat(name,"_out");
+   (void)strlcpy(name,TCPNAMES[i],sizeof(name));
+   (void)strlcat(name,"_out",sizeof(name));
    sig = SetClasses(name,NETOUT[i],av.expect_netout[i],av.var_netout[i],LOCALAV.expect_netout[i],LOCALAV.var_netout[i],&classlist,timekey);
    SetVariable(name,NETOUT[i],av.expect_netout[i],sig,&classlist);
    }
@@ -1142,7 +1142,7 @@ if (ALL_OUTGOING != NULL)
  
 sscanf(VNETSTAT[VSYSTEMHARDCLASS],"%s",comm);
 
-strcat(comm," -n"); 
+(void)strlcat(comm," -n",sizeof(comm)); 
  
 if ((pp = cfpopen(comm,"r")) == NULL)
    {
@@ -1473,7 +1473,7 @@ struct Averages *GetCurrentAverages(char
  
 if ((errno = db_create(&dbp,NULL,0)) != 0)
    {
-   sprintf(OUTPUT,"Couldn't open average database %s\n",AVDB);
+   (void)snprintf(OUTPUT,sizeof(OUTPUT),"Couldn't open average database %s\n",AVDB);
    CfLog(cferror,OUTPUT,"db_open");
    return NULL;
    }
@@ -1484,7 +1484,7 @@ if ((errno = dbp->open(dbp,AVDB,NULL,DB_
 if ((errno = dbp->open(dbp,NULL,AVDB,NULL,DB_BTREE,DB_CREATE,0644)) != 0)    
 #endif
    {
-   sprintf(OUTPUT,"Couldn't open average database %s\n",AVDB);
+   (void)snprintf(OUTPUT,sizeof(OUTPUT),"Couldn't open average database %s\n",AVDB);
    CfLog(cferror,OUTPUT,"db_open");
    return NULL;
    }
@@ -1534,7 +1534,7 @@ void UpdateAverages(char *timekey,struct
  
 if ((errno = db_create(&dbp,NULL,0)) != 0)
    {
-   sprintf(OUTPUT,"Couldn't open average database %s\n",AVDB);
+   (void)snprintf(OUTPUT,sizeof(OUTPUT),"Couldn't open average database %s\n",AVDB);
    CfLog(cferror,OUTPUT,"db_open");
    return;
    }
@@ -1545,7 +1545,7 @@ if ((errno = dbp->open(dbp,AVDB,NULL,DB_
 if ((errno = dbp->open(dbp,NULL,AVDB,NULL,DB_BTREE,DB_CREATE,0644)) != 0)    
 #endif
    {
-   sprintf(OUTPUT,"Couldn't open average database %s\n",AVDB);
+   (void)snprintf(OUTPUT,sizeof(OUTPUT),"Couldn't open average database %s\n",AVDB);
    CfLog(cferror,OUTPUT,"db_open");
    return;
    }
@@ -1772,27 +1772,27 @@ if (fabs(delta) < cf_noise_threshold) /*
    Debug(" Sensitivity too high ..\n");
 
    buffer[0] = '\0';
-   strcpy(buffer,name);
+   (void)strlcpy(buffer,name,sizeof(buffer));
 
    if ((delta > 0) && (ldelta > 0))
       {
-      strcat(buffer,"_high");
+      (void)strlcat(buffer,"_high",sizeof(buffer));
       }
    else if ((delta < 0) && (ldelta < 0))
       {
-      strcat(buffer,"_low");
+      (void)strlcat(buffer,"_low",sizeof(buffer));
       }
    else
       {
-      strcat(buffer,"_normal");
+      (void)strlcat(buffer,"_normal",sizeof(buffer));
       }
         
     dev = sqrt(delta*delta/(1.0+sigma*sigma)+ldelta*ldelta/(1.0+lsigma*lsigma));
         
     if (dev > 2.0*sqrt(2.0))
        {
-       strcpy(buffer2,buffer);
-       strcat(buffer2,"_microanomaly");
+       (void)strlcpy(buffer2,buffer,sizeof(buffer2));
+       (void)strlcat(buffer2,"_microanomaly",sizeof(buffer2));
        AppendItem(classlist,buffer2,"2");
        AddPersistentClass(buffer2,40,cfpreserve); 
        }
@@ -1802,33 +1802,33 @@ if (fabs(delta) < cf_noise_threshold) /*
  else
     {
     buffer[0] = '\0';
-    strcpy(buffer,name);  
+    (void)strlcpy(buffer,name,sizeof(buffer));  
     
     if ((delta > 0) && (ldelta > 0))
        {
-       strcat(buffer,"_high");
+       (void)strlcat(buffer,"_high",sizeof(buffer));
        }
     else if ((delta < 0) && (ldelta < 0))
        {
-       strcat(buffer,"_low");
+       (void)strlcat(buffer,"_low",sizeof(buffer));
        }
     else
        {
-       strcat(buffer,"_normal");
+       (void)strlcat(buffer,"_normal",sizeof(buffer));
        }
     
     dev = sqrt(delta*delta/(1.0+sigma*sigma)+ldelta*ldelta/(1.0+lsigma*lsigma));
     
     if (dev <= sqrt(2.0))
        {
-       strcpy(buffer2,buffer);
-       strcat(buffer2,"_normal");
+       (void)strlcpy(buffer2,buffer,sizeof(buffer));
+       (void)strlcat(buffer2,"_normal",sizeof(buffer2));
        AppendItem(classlist,buffer2,"0");
        }
     else
        {
-       strcpy(buffer2,buffer);
-       strcat(buffer2,"_dev1");
+       (void)strlcpy(buffer2,buffer,sizeof(buffer2));
+       (void)strlcat(buffer2,"_dev1",sizeof(buffer2));
        AppendItem(classlist,buffer2,"0");
        }
     
@@ -1838,16 +1838,16 @@ if (fabs(delta) < cf_noise_threshold) /*
     
     if (dev > 2.0*sqrt(2.0))
        {
-       strcpy(buffer2,buffer);
-       strcat(buffer2,"_dev2");
+       (void)strlcpy(buffer2,buffer,sizeof(buffer2));
+       (void)strlcat(buffer2,"_dev2",sizeof(buffer2));
        AppendItem(classlist,buffer2,"2");
        AddPersistentClass(buffer2,40,cfpreserve); 
        }
     
     if (dev > 3.0*sqrt(2.0))
        {
-       strcpy(buffer2,buffer);
-       strcat(buffer2,"_anomaly");
+       (void)strlcpy(buffer2,buffer,sizeof(buffer2));
+       (void)strlcat(buffer2,"_anomaly",sizeof(buffer2));
        AppendItem(classlist,buffer2,"3");
        AddPersistentClass(buffer2,40,cfpreserve); 
        }
@@ -1862,13 +1862,13 @@ void SetVariable(char *name,double value
 
 { char var[CF_BUFSIZE];
 
-sprintf(var,"value_%s=%d",name,(int)value);
+(void)snprintf(var,sizeof(var),"value_%s=%d",name,(int)value);
 AppendItem(classlist,var,"");
 
-sprintf(var,"average_%s=%1.1f",name,average);
+(void)snprintf(var,sizeof(var),"average_%s=%1.1f",name,average);
 AppendItem(classlist,var,"");
 
-sprintf(var,"stddev_%s=%1.1f",name,stddev);
+(void)snprintf(var,sizeof(var),"stddev_%s=%1.1f",name,stddev);
 AppendItem(classlist,var,""); 
 }
 
