$OpenBSD: patch-etc_uams_uams_randnum_c,v 1.1 2003/08/22 11:18:19 naddy Exp $
--- etc/uams/uams_randnum.c.orig	Mon Aug 18 14:04:44 2003
+++ etc/uams/uams_randnum.c	Mon Aug 18 14:11:47 2003
@@ -149,7 +149,7 @@ static int afppasswd(const struct passwd
 		     const int set)
 {
   u_int8_t key[DES_KEY_SZ*2];
-  char buf[MAXPATHLEN + 1], *p;
+  char buf[MAXPATHLEN], *p;
   Key_schedule	schedule;
   FILE *fp;
   int i, j, keyfd = -1, err = 0;
@@ -161,9 +161,9 @@ static int afppasswd(const struct passwd
   }
   
   /* open the key file if it exists */
-  strcpy(buf, path);
+  (void)strlcpy(buf, path, sizeof(buf));
   if (pathlen < sizeof(buf) - 5) {
-    strcat(buf, ".key");
+    (void)strlcat(buf, ".key", sizeof(buf));
     keyfd = open(buf, O_RDONLY);
   } 
   
@@ -270,14 +270,14 @@ static int randpass(const struct passwd 
   /* Build pathname to user's '.passwd' file */
   i = strlen(file);
   if (*file == '~') {
-    char path[MAXPATHLEN + 1];
+    char path[MAXPATHLEN];
 
-    if ( (strlen(pwd->pw_dir) + i - 1) > MAXPATHLEN)
+    if ( (strlen(pwd->pw_dir) + i - 1) > (MAXPATHLEN-1))
     return AFPERR_PARAM;
   
-    strcpy(path,  pwd->pw_dir );
-    strcat(path, "/" );
-    strcat(path, file + 2);
+    (void)strlcpy(path,  pwd->pw_dir, sizeof(path));
+    (void)strlcat(path, "/", sizeof(path));
+    (void)strlcat(path, file + 2, sizeof(path));
     if (!uid)
       seteuid(pwd->pw_uid); /* change ourselves to the user */
     i = home_passwd(pwd, path, i, passwd, len, set);
@@ -286,7 +286,7 @@ static int randpass(const struct passwd 
     return i;
   } 
 
-  if (i > MAXPATHLEN)
+  if (i > (MAXPATHLEN-1))
     return AFPERR_PARAM;
 
   /* handle afppasswd file. we need to make sure that we're root
