$OpenBSD: patch-gplink_scan_l,v 1.1.1.1 2003/11/03 01:02:36 naddy Exp $
--- gplink/scan.l.orig	2003-10-19 21:16:00.000000000 +1000
+++ gplink/scan.l	2003-10-19 21:16:51.000000000 +1000
@@ -88,7 +88,7 @@ static void bad_char(char *character)
 {
   char complaint[80];
 			 
-  sprintf(complaint, 
+  snprintf(complaint, sizeof(complaint),
     isprint(*character) ?
       "Illegal character '%c' in numeric constant" :
       "Illegal character %#x in numeric constant",
@@ -115,9 +115,9 @@ void open_src(char *name, int isinclude)
     int i;
 
     for(i = 0; i < state.numpaths; i++) {
-      strcpy(tryname, state.paths[i]);
-      strcat(tryname, COPY_CHAR);
-      strcat(tryname, name);
+      strlcpy(tryname, state.paths[i], sizeof(tryname));
+      strlcat(tryname, COPY_CHAR, sizeof(tryname));
+      strlcat(tryname, name, sizeof(tryname));
       new->f = fopen(tryname, "rt");
       if(new->f) {
         new->name = strdup(tryname);
