$OpenBSD: patch-src_copymove_c,v 1.2 2005/11/14 17:09:22 pvalchev Exp $
--- src/copymove.c.orig	Thu Nov 16 15:59:48 2000
+++ src/copymove.c	Thu May 12 15:31:52 2005
@@ -57,15 +57,17 @@ if(!cm_isdir(dstdir)) return(0);
 if((in=fopen(src,"rb"))==NULL)
   return(0);
 
-if((dst=malloc(strlen(dstdir)+strlen(src)+2))==NULL)	/* +2 for / and NUL */
+siz=strlen(dstdir)+strlen(src)+1; /* +2 for / and NUL */
+
+if((dst=malloc(siz))==NULL)
   return(0);
 
-strcpy(dst,dstdir);
-strcat(dst,"/");
+strlcpy(dst,dstdir,siz);
+strlcat(dst,"/",siz);
 if(strrchr(src,'/'))
-  strcat(dst,strrchr(src,'/')+1);
+  strlcat(dst,strrchr(src,'/')+1,siz);
 else
-  strcat(dst,src);
+  strlcat(dst,src,siz);
 
 /* check it doesn't already exist */
 if((out=fopen(dst,"rb"))!=NULL)
@@ -114,18 +116,21 @@ int movefile(char *src,char *dstdir)
 struct stat sbuf;
 struct utimbuf utbuf;
 char *dst;
+int siz;
 
 if(!cm_isdir(dstdir)) return(0);
 
-if((dst=malloc(strlen(dstdir)+strlen(src)+2))==NULL)	/* +2 for / and NUL */
+siz=strlen(dstdir)+strlen(src)+2; /* +2 for / and NUL */
+
+if((dst=malloc(siz))==NULL)
   return(0);
 
-strcpy(dst,dstdir);
-strcat(dst,"/");
+strlcpy(dst,dstdir,siz);
+strlcat(dst,"/",siz);
 if(strrchr(src,'/'))
-  strcat(dst,strrchr(src,'/')+1);
+  strlcat(dst,strrchr(src,'/')+1,siz);
 else
-  strcat(dst,src);
+  strlcat(dst,src,siz);
 
 /* fail if dest file already exists */
 if(stat(dst,&sbuf)==0)
@@ -328,9 +333,9 @@ for(done=f=0;f<numrows;f++)
   
   if(!(*copy_or_move_ptr)(ptr,destdir))
     {
-    sprintf(buf,"Error %s ",cm_do_move?"moving":"copying");
+    snprintf(buf,sizeof(buf),"Error %s ",cm_do_move?"moving":"copying");
     /* if it's a really big filename just say "file" :-) */
-    strcat(buf,(strlen(ptr)>100)?"file":ptr);
+    strlcat(buf,(strlen(ptr)>100)?"file":ptr,sizeof(buf));
     
     if(mainwin)
       {
