$OpenBSD: patch-conserver_cutil_c,v 1.2 2007/06/15 11:53:39 sturm Exp $
--- conserver/cutil.c.orig	Tue Nov  9 09:37:05 2004
+++ conserver/cutil.c	Thu May 31 14:11:55 2007
@@ -84,7 +84,7 @@ StrTime(ltime)
     time_t tyme;
 
     tyme = time((time_t *)0);
-    strcpy(curtime, ctime(&tyme));
+    strlcpy(curtime, ctime(&tyme), sizeof(curtime));
     curtime[24] = '\000';	/* might need to adjust this at some point */
     if (ltime != NULL)
 	*ltime = tyme;
@@ -424,7 +424,7 @@ ReadLine(fp, save, iLine)
 	   || peek) {
 	/* If we have a previously saved line, use it instead */
 	if (save->used) {
-	    strcpy(buf, save->string);
+	    strlcpy(buf, save->string, sizeof(buf));
 	    BuildString((char *)0, save);
 	}
 
@@ -2138,7 +2138,7 @@ ProbeInterfaces(bindAddr)
 {
 #ifdef SIOCGIFCONF
     struct ifconf ifc;
-    struct ifreq *ifr;
+    struct ifreq ifr;
 #ifdef SIOCGIFFLAGS
     struct ifreq ifrcopy;
 #endif
@@ -2198,7 +2198,7 @@ ProbeInterfaces(bindAddr)
      * than loop through looking for valid interfaces that are up
      * twice, huh?
      */
-    count = ifc.ifc_len / sizeof(*ifr);
+    count = ifc.ifc_len / sizeof(ifr);
     CONDDEBUG((1, "ProbeInterfaces(): ifc_len==%d max_count==%d",
 	       ifc.ifc_len, count));
 
@@ -2217,36 +2217,37 @@ ProbeInterfaces(bindAddr)
 
     for (m = r = 0; r < ifc.ifc_len;) {
 	struct sockaddr *sa;
-	ifr = (struct ifreq *)&ifc.ifc_buf[r];
-	sa = (struct sockaddr *)&ifr->ifr_addr;
+
+	memcpy(&ifr, &ifc.ifc_buf[r], sizeof(ifr));
+	sa = (struct sockaddr *)&ifr.ifr_addr;
 	/* don't use less than a ifreq sized chunk */
-	if ((ifc.ifc_len - r) < sizeof(*ifr))
+	if ((ifc.ifc_len - r) < sizeof(ifr))
 	    break;
 #ifdef HAVE_SA_LEN
-	if (sa->sa_len > sizeof(ifr->ifr_addr))
-	    r += sizeof(ifr->ifr_name) + sa->sa_len;
+	if (sa->sa_len > sizeof(ifr.ifr_addr))
+	    r += sizeof(ifr.ifr_name) + sa->sa_len;
 	else
 #endif
-	    r += sizeof(*ifr);
+	    r += sizeof(ifr);
 
 	if (sa->sa_family == AF_INET) {
 	    struct sockaddr_in *sin = (struct sockaddr_in *)sa;
 #ifdef SIOCGIFFLAGS
 	    /* make sure the interface is up */
-	    ifrcopy = *ifr;
+	    memcpy(&ifrcopy, &ifr, sizeof(ifrcopy));
 	    if ((ioctl(sock, SIOCGIFFLAGS, &ifrcopy) == 0) &&
 		((ifrcopy.ifr_flags & IFF_UP) == 0))
 		continue;
 #endif
 	    CONDDEBUG((1, "ProbeInterfaces(): name=%s addr=%s",
-		       ifr->ifr_name, inet_ntoa(sin->sin_addr)));
+		       ifr.ifr_name, inet_ntoa(sin->sin_addr)));
 #if HAVE_MEMCPY
 	    memcpy(&myAddrs[m], &(sin->sin_addr), sizeof(struct in_addr));
 #else
 	    bcopy(&(sin->sin_addr), &myAddrs[m], sizeof(struct in_addr));
 #endif
 	    Verbose("interface address %s (%s)", inet_ntoa(myAddrs[m]),
-		    ifr->ifr_name);
+		    ifr.ifr_name);
 	    m++;
 	}
     }
