$OpenBSD: patch-src_cfrun_c,v 1.1 2004/06/17 11:21:43 sturm Exp $
--- src/cfrun.c.orig	2004-04-17 10:11:04.000000000 -0400
+++ src/cfrun.c	2004-06-10 22:32:35.000000000 -0400
@@ -242,23 +242,23 @@ if (uname(&VSYSNAME) == -1)
 
 if ((strlen(VDOMAIN) > 0) && !strchr(VSYSNAME.nodename,'.'))
    {
-   sprintf(VFQNAME,"%s.%s",VSYSNAME.nodename,VDOMAIN);
+   (void)snprintf(VFQNAME,CF_MAXVARSIZE,"%s.%s",VSYSNAME.nodename,VDOMAIN);
    }
 else
    {
-   sprintf(VFQNAME,"%s",VSYSNAME.nodename);
+   (void)snprintf(VFQNAME,CF_MAXVARSIZE,"%s",VSYSNAME.nodename);
    }   
 */
  
  Debug("FQNAME = %s\n",VFQNAME);
  
-sprintf(VPREFIX,"cfrun:%s",VFQNAME);
+(void)snprintf(VPREFIX,40,"cfrun:%s",VFQNAME);
  
 /* Read hosts file */
 
 umask(077);
-strcpy(VLOCKDIR,WORKDIR);
-strcpy(VLOGDIR,WORKDIR); 
+(void)strlcpy(VLOCKDIR,WORKDIR,CF_BUFSIZE);
+(void)strlcpy(VLOGDIR,WORKDIR,CF_BUFSIZE); 
 
 OpenSSL_add_all_algorithms();
 ERR_load_crypto_strings();
@@ -292,7 +292,7 @@ CONN = NewAgentConn();
 
 if (storeinfile)
    {
-   sprintf(filebuffer, "%s/%s", OUTPUTDIR, host);
+   (void)snprintf(filebuffer, sizeof(filebuffer), "%s/%s", OUTPUTDIR, host);
    if ((fp = fopen(filebuffer, "w")) == NULL)
       {
       return false;
@@ -562,10 +562,10 @@ if (!strchr(VCFRUNHOSTS, '/'))
    {
    if ((sp=getenv(CF_INPUTSVAR)) != NULL)
       {
-      strcpy(filename,sp);
+      (void)strlcpy(filename,sp,sizeof(filename));
       if (filename[strlen(filename)-1] != '/')
          {
-         strcat(filename,"/");
+         (void)strlcat(filename,"/",sizeof(filename));
          }
       }
    else
@@ -574,7 +574,7 @@ if (!strchr(VCFRUNHOSTS, '/'))
       }
    }
  
-strcat(filename,VCFRUNHOSTS);
+(void)strlcat(filename,VCFRUNHOSTS,sizeof(filename));
 
 if ((fp = fopen(filename,"r")) == NULL)      /* Open root file */
    {
@@ -687,8 +687,8 @@ while (!feof(fp))
 
    if ((!strstr(buffer,".")) && (strlen(VDOMAIN) > 0))
       {
-      strcat(buffer,".");
-      strcat(buffer,VDOMAIN);
+      (void)strlcat(buffer,".",sizeof(buffer));
+      (void)strlcat(buffer,VDOMAIN,sizeof(buffer));
       }
       
    if (!IsItemIn(VCFRUNHOSTLIST,buffer))
@@ -746,8 +746,8 @@ for (ip = VCFRUNCLASSES; ip != NULL; ip 
       memset(sendbuffer,0,CF_BUFSIZE);
       }
    
-   strcat(sendbuffer,ip->name);
-   strcat(sendbuffer," ");
+   (void)strlcat(sendbuffer,ip->name,CF_BUFSIZE);
+   (void)strlcat(sendbuffer," ",CF_BUFSIZE);
 
    sp += strlen(ip->name)+1;
    used += strlen(ip->name)+1;
@@ -766,7 +766,7 @@ if (used + strlen(CFD_TERMINATOR) +2 > C
    memset(sendbuffer,0,CF_BUFSIZE);
    }
    
-sprintf(sp, "%s", CFD_TERMINATOR);
+(void)snprintf(sp, CF_BUFSIZE, "%s", CFD_TERMINATOR);
 
 if (SendTransaction(sd,sendbuffer,0,CF_DONE) == -1)
    {
