$OpenBSD: patch-src_cfshow_c,v 1.1 2005/07/21 15:16:46 aanriot Exp $
--- src/cfshow.c.orig	Thu Feb 10 15:19:37 2005
+++ src/cfshow.c	Tue Jul 19 12:02:08 2005
@@ -131,7 +131,7 @@ while ((c=getopt_long(argc,argv,"hdvaVls
   }
 
 
-strcpy(CFWORKDIR,WORKDIR);
+(void)strlcpy(CFWORKDIR,WORKDIR,sizeof(CFWORKDIR));
 
 if (getuid() > 0)
    {
@@ -139,8 +139,8 @@ if (getuid() > 0)
    
    if ((homedir = getenv("HOME")) != NULL)
       {
-      strcpy(CFWORKDIR,homedir);
-      strcat(CFWORKDIR,"/.cfagent");
+      (void)strlcpy(CFWORKDIR,homedir,sizeof(CFWORKDIR));
+      (void)strlcat(CFWORKDIR,"/.cfagent",sizeof(CFWORKDIR));
       }
    }
 }
@@ -248,7 +248,7 @@ while (dbcp->c_get(dbcp, &key, &value, D
    char tbuf[CF_BUFSIZE];
 
    memcpy(&then,value.data,sizeof(then));
-   strcpy(hostname,(char *)key.data);
+   (void)strlcpy(hostname,(char *)key.data,sizeof(hostname));
 
    if (value.data != NULL)
       {
@@ -444,6 +444,7 @@ char *ChecksumDump(unsigned char digest[
 { unsigned int i;
   static char buffer[EVP_MAX_MD_SIZE*4];
   int len = 1;
+  int s = 0;
 
 for (i = 0; buffer[i] != 0; i++)
    {
@@ -460,15 +461,17 @@ else
 
 switch(len)
    {
-   case 20: sprintf(buffer,"SHA=  ");
+   case 20: (void)snprintf(buffer,sizeof(buffer),"SHA=  ");
        break;
-   case 16: sprintf(buffer,"MD5=  ");
+   case 16: (void)snprintf(buffer,sizeof(buffer),"MD5=  ");
        break;
    }
   
 for (i = 0; i < len; i++)
    {
-   sprintf((char *)(buffer+4+2*i),"%02x", digest[i]);
+   s = sizeof(buffer) - (4+2*i);
+   if (s > 0)
+       (void)snprintf((char *)(buffer+4+2*i),s,"%02x", digest[i]);
    }
 
 return buffer; 
