$OpenBSD: patch-contrib_src_stc_scintilla_src_PropSet_cxx,v 1.1.1.1 2004/07/16 21:01:35 todd Exp $
--- contrib/src/stc/scintilla/src/PropSet.cxx.orig	2003-09-20 20:23:23.000000000 +1000
+++ contrib/src/stc/scintilla/src/PropSet.cxx	2003-10-04 13:30:58.000000000 +1000
@@ -15,6 +15,8 @@
 
 #include "PropSet.h"
 
+#define min(a, b)	(((a) < (b)) ? (a) : (b))
+
 // The comparison and case changing functions here assume ASCII
 // or extended ASCII such as the normal Windows code page.
 
@@ -185,9 +187,9 @@ SString PropSet::Expand(const char *with
 			break;
 		size_t newlenbase = strlen(base) + val.length() - lenvar;
 		char *newbase = new char[newlenbase];
-		strncpy(newbase, base, cpvar - base);
-		strcpy(newbase + (cpvar - base), val.c_str());
-		strcpy(newbase + (cpvar - base) + val.length(), cpendvar + 1);
+		strlcpy(newbase, base, min(cpvar - base +1, newlenbase));
+		strlcat(newbase, val.c_str(), newlenbase);
+		strlcat(newbase, cpendvar + 1, newlenbase);
 		delete []var;
 		delete []base;
 		base = newbase;
@@ -305,9 +307,9 @@ SString PropSet::GetNewExpand(const char
 			SString val = GetWild(var, filename);
 			size_t newlenbase = strlen(base) + val.length() - lenvar;
 			char *newbase = new char[newlenbase];
-			strncpy(newbase, base, cpvar - base);
-			strcpy(newbase + (cpvar - base), val.c_str());
-			strcpy(newbase + (cpvar - base) + val.length(), cpendvar + 1);
+			strlcpy(newbase, base, min(cpvar - base +1, newlenbase));
+			strlcat(newbase, val.c_str(), newlenbase);
+			strlcat(newbase, cpendvar + 1, newlenbase);
 			delete []var;
 			delete []base;
 			base = newbase;
@@ -715,3 +717,4 @@ char *WordList::GetNearestWords(
 	}
 	return NULL;
 }
+
