$OpenBSD: patch-src_cfexecd_c,v 1.3 2004/10/01 21:22:15 sturm Exp $
--- src/cfexecd.c.orig	Mon Aug 16 22:12:46 2004
+++ src/cfexecd.c	Fri Oct  1 23:14:46 2004
@@ -148,7 +148,7 @@ Banner("Check options");
 
 NOSPLAY = false; 
 
-sprintf(VPREFIX, "cfexecd"); 
+(void)snprintf(VPREFIX, 40, "cfexecd"); 
 openlog(VPREFIX,LOG_PID|LOG_NOWAIT|LOG_ODELAY,LOG_DAEMON);
 
 while ((c=getopt_long(argc,argv,"L:d:vhpFV1g",CFDOPTIONS,&optindex)) != EOF)
@@ -229,7 +229,7 @@ strncpy(VLOGDIR,WORKDIR,CF_BUFSIZE-1);
 VCANONICALFILE = strdup(CanonifyName(VINPUTFILE));
 GetNameInfo();
 
-strcpy(VUQNAME,VSYSNAME.nodename);
+(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE);
 }
 
 
@@ -412,7 +412,7 @@ if (strstr(line,"No SMTP"))
    CfLog(cferror,"Need: smtpserver = ( ?? ) in control ","");
    }
 
-strcpy(VMAILSERVER,line); 
+(void)strlcpy(VMAILSERVER,line,sizeof(VMAILSERVER)); 
  
 Debug("Got cfengine SMTP server as (%s)\n",VMAILSERVER); 
 
@@ -426,19 +426,19 @@ if (strlen(line) == 0)
    CfLog(cferror,"Need: sysadm = ( ??@?? ) in control ","");
    }
 
-strcpy(MAILTO,line); 
+(void)strlcpy(MAILTO,line,sizeof(MAILTO)); 
 Debug("Got cfengine sysadm variable (%s)\n",MAILTO); 
 
 line[0] = '\0'; 
 fgets(line,CF_BUFSIZE,pp); 
 Chop(line); 
-strcpy(VFQNAME,line); 
+(void)strlcpy(VFQNAME,line,CF_MAXVARSIZE); 
 Debug("Got fully qualified name (%s)\n",VFQNAME); 
 
 line[0] = '\0'; 
 fgets(line,CF_BUFSIZE,pp); 
 Chop(line); 
-strcpy(VIPADDRESS,line); 
+(void)strlcpy(VIPADDRESS,line,18); 
 Debug("Got IP (%s)\n",VIPADDRESS); 
 
 if ((ungetc(fgetc(pp), pp)) != '[')
@@ -917,7 +917,7 @@ if (!Dialogue(sd,NULL))
    goto mail_err;
    }
  
-sprintf(VBUFF,"HELO %s\r\n",VFQNAME); 
+(void)snprintf(VBUFF,sizeof(VBUFF),"HELO %s\r\n",VFQNAME); 
 Debug("%s",VBUFF);
 
  if (!Dialogue(sd,VBUFF))
@@ -930,12 +930,12 @@ sscanf(to,"%*[^@]@%.64s",domain);
 
 if (strlen(domain) > 0)
    {
-   sprintf(VBUFF,"MAIL FROM: <cfengine@%s>\r\n",domain);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <cfengine@%s>\r\n",domain);
    Debug("%s",VBUFF);
    }
 else
    {
-   sprintf(VBUFF,"MAIL FROM: <%s>\r\n",to);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",to);
    Debug("%s",VBUFF);   
    }
 
@@ -944,7 +944,7 @@ if (!Dialogue(sd,VBUFF))
    goto mail_err;
    }
  
-sprintf(VBUFF,"RCPT TO: <%s>\r\n",to);
+(void)snprintf(VBUFF,sizeof(VBUFF),"RCPT TO: <%s>\r\n",to);
 Debug("%s",VBUFF);
 
 if (!Dialogue(sd,VBUFF))
@@ -959,12 +959,12 @@ if (!Dialogue(sd,"DATA\r\n"))
 
 if (anomaly)
    {
-   sprintf(VBUFF,"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS);
    Debug("%s",VBUFF);
    }
 else
    {
-   sprintf(VBUFF,"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS);
    Debug("%s",VBUFF);
    }
  
@@ -978,10 +978,10 @@ strftime(VBUFF,CF_BUFSIZE,"Date: %a, %d 
 sent=send(sd,VBUFF,strlen(VBUFF),0);
 #endif
 
-sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME);
+(void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME);
 Debug("%s",VBUFF);
 sent=send(sd,VBUFF,strlen(VBUFF),0);
-sprintf(VBUFF,"To: %s\r\n\r\n",to); 
+(void)snprintf(VBUFF,sizeof(VBUFF),"To: %s\r\n\r\n",to); 
 Debug("%s",VBUFF);
 sent=send(sd,VBUFF,strlen(VBUFF),0);
 
@@ -994,14 +994,14 @@ while(!feof(fp))
    if (strlen(VBUFF) > 0)
       {
       VBUFF[strlen(VBUFF)-1] = '\r';
-      strcat(VBUFF, "\n");
+      (void)strlcat(VBUFF, "\n",sizeof(VBUFF));
       count++;
       sent=send(sd,VBUFF,strlen(VBUFF),0);
       }
    
    if ((MAXLINES != INF_LINES) && (count > MAXLINES))
       {
-      sprintf(VBUFF,"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME);
+      (void)snprintf(VBUFF,sizeof(VBUFF),"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME);
       sent=send(sd,VBUFF,strlen(VBUFF),0);
       break;
       }
@@ -1023,7 +1023,7 @@ mail_err: 
 
 fclose(fp);
 close(sd); 
-sprintf(VBUFF, "Cannot mail to %s.", to);
+(void)snprintf(VBUFF, sizeof(VBUFF), "Cannot mail to %s.", to);
 CfLog(cferror,VBUFF,"");
 }
 
