$OpenBSD: patch-cs_csparse_c,v 1.3 2005/11/24 17:56:19 sturm Exp $
--- cs/csparse.c.orig	Thu Sep 30 02:46:33 2004
+++ cs/csparse.c	Wed Nov 23 20:43:33 2005
@@ -1667,6 +1667,7 @@ static NEOERR *eval_expr_string(CSPARSE 
 {
   char *s1, *s2;
   int out;
+  size_t need;
 
   result->op_type = CS_TYPE_NUM;
   s1 = arg_eval (parse, arg1);
@@ -1741,11 +1742,12 @@ static NEOERR *eval_expr_string(CSPARSE 
       case CS_OP_ADD:
 	result->op_type = CS_TYPE_STRING;
 	result->alloc = 1;
-	result->s = (char *) calloc ((strlen(s1) + strlen(s2) + 1), sizeof(char));
+	need = strlen(s1) + strlen(s2) + 1;
+	result->s = (char *) calloc (need, sizeof(char));
 	if (result->s == NULL)
 	  return nerr_raise (NERR_NOMEM, "Unable to allocate memory to concatenate strings in expression: %s + %s", s1, s2);
-	strcpy(result->s, s1);
-	strcat(result->s, s2);
+	strlcpy(result->s, s1, need);
+	strlcat(result->s, s2, need);
 	break;
       default:
 	ne_warn ("Unsupported op %s in eval_expr_string", expand_token_type(op, 1));
@@ -3359,9 +3361,9 @@ static NEOERR * _builtin_str_slice (CSPA
   NEOERR *err;
   char *s = NULL;
   char *slice;
-  int b = 0;
-  int e = 0;
-  int len;
+  long int b = 0;
+  long int e = 0;
+  size_t len;
 
   result->op_type = CS_TYPE_STRING;
   result->s = "";
