$OpenBSD: patch-src_util_c,v 1.1 2005/05/21 13:46:44 alek Exp $
--- src/util.c.orig	Fri May 20 13:20:25 2005
+++ src/util.c	Fri May 20 13:38:22 2005
@@ -143,8 +143,10 @@ ices_util_read_line (FILE *fp)
 
 /* Create a box-unique filename of a certain type */
 char *
-ices_util_get_random_filename (char *namespace, char *type)
+ices_util_get_random_filename (char *namespace, size_t size, char *type)
 {
+        int ret;
+
 	if (!namespace || !type) {
 		ices_log ("WARNING: ices_util_get_random_filename() called with NULL pointers.");
 		return NULL;
@@ -153,7 +155,11 @@ ices_util_get_random_filename (char *nam
 #ifdef _WIN32
 	doooh();
 #else
-	sprintf (namespace, "ices.%s.%d", type, (int)getpid ());
+	ret = snprintf (namespace, size, "ices.%s.%d", type, (int)getpid ());
+	if (ret == -1 || ret >= size) {
+		ices_log ("WARNING: Truncation or format/encoding error occured in ices_util_get_random_filename()");
+		return NULL;
+	}
 	return namespace;
 #endif
 }
@@ -256,22 +262,25 @@ ices_util_percent (int num, int den)
  * by nice formatting in string buf.
  * Note: This only works ok with CBR */
 char *
-ices_util_file_time (unsigned int bitrate, unsigned int filesize, char *buf)
+ices_util_file_time (unsigned int bitrate, unsigned int filesize, char *buf, size_t size)
 {
 	unsigned long int days, hours, minutes, nseconds, remains;
 	unsigned long int seconds;
+        int ret;
 
+	if (!buf)
+		return NULL;
+
 	if (!bitrate) {
-      sprintf (buf, "0:0:0:0");
-	  return buf;
-    }
+		ret = snprintf (buf, size, "0:0:0:0");
+		if (ret == -1 || ret >= size)
+                        return NULL;
+		return buf;
+	}
 
 	/* << 7 == 1024 (bits->kbits) / 8 (bits->bytes) */
 	seconds = filesize / ((bitrate * 1000) >> 3);
 
-	if (!buf)
-		return NULL;
-
 	days = seconds / 86400;
 	remains = seconds % 86400;
 
@@ -281,8 +290,9 @@ ices_util_file_time (unsigned int bitrat
 	minutes = remains / 60;
 	nseconds = remains % 60;
 
-	sprintf (buf, "%lu:%lu:%lu:%lu", days, hours, minutes, nseconds);
-	
+	ret = snprintf (buf, size, "%lu:%lu:%lu:%lu", days, hours, minutes, nseconds);
+	if (ret == -1 || ret >= size)
+                return NULL;
 	return buf;
 }
 
