$OpenBSD: patch-util_neo_str_c,v 1.2 2006/05/15 17:08:43 fkr Exp $
--- util/neo_str.c.orig	Fri Jul  1 02:42:50 2005
+++ util/neo_str.c	Mon May  8 16:54:19 2006
@@ -122,7 +122,7 @@ NEOERR *string_append (STRING *str, cons
   l = strlen(buf);
   err = string_check_length (str, l);
   if (err != STATUS_OK) return nerr_pass (err);
-  strcpy(str->buf + str->len, buf);
+  strlcpy(str->buf + str->len, buf, str->max - str->len);
   str->len += l;
 
   return STATUS_OK;
@@ -174,7 +174,7 @@ NEOERR *string_appendvf (STRING *str, co
   err = string_check_length (str, bl+1);
   if (err != STATUS_OK) return nerr_pass (err);
   va_copy(tmp, ap);
-  vsprintf (str->buf + str->len, fmt, tmp);
+  vsnprintf (str->buf + str->len, str->max - str->len, fmt, tmp);
   str->len += bl;
   str->buf[str->len] = '\0';
 
@@ -581,7 +581,7 @@ char *repr_string_alloc (const char *s)
 	  rs[i++] = '\\';
 	  break;
 	default:
-	  sprintf(&(rs[i]), "%03o", (s[x] & 0377));
+	  snprintf(&(rs[i]), nl+3-i,  "%03o", (s[x] & 0377));
 	  i += 3;
 	  break;
       }
