$OpenBSD: patch-jhead_c,v 1.6 2008/10/21 23:47:52 okan Exp $
--- jhead.c.orig	Sat Oct  4 12:10:35 2008
+++ jhead.c	Sun Oct 19 19:19:22 2008
@@ -154,7 +154,8 @@ static int FileEditComment(char * TempFileName, char *
 #endif
         }
 
-        sprintf(QuotedPath, "%s \"%s\"",Editor, TempFileName);
+        snprintf(QuotedPath, sizeof(QuotedPath), "%s \"%s\"",Editor,
+	    TempFileName);
         a = system(QuotedPath);
     }
     
@@ -260,7 +261,8 @@ static int ModifyDescriptComment(char * OutComment, ch
     if (!HasScandate && !ImageInfo.DateTime[0]){
         // Scan date is not in the file yet, and it doesn't have one built in.  Add it.
         char Temp[30];
-        sprintf(Temp, "scan_date=%s", ctime(&ImageInfo.FileDateTime));
+	snprintf(Temp, sizeof(Temp),
+	    "scan_date=%s", ctime(&ImageInfo.FileDateTime));
         strncat(OutComment, Temp, MAX_COMMENT_SIZE-5-strlen(OutComment));
         Modified = TRUE;
     }
@@ -286,7 +288,9 @@ static int AutoResizeCmdStuff(void)
 
     if (scale < 0.5) scale = 0.5; // Don't scale down by more than a factor of two.
 
-    sprintf(CommandString, "mogrify -geometry %dx%d -quality 85 &i",(int)(ImageInfo.Width*scale), (int)(ImageInfo.Height*scale));
+    snprintf(CommandString, sizeof(CommandString),
+        "mogrify -geometry %dx%d -quality 85 &i",
+        (int)(ImageInfo.Width*scale), (int)(ImageInfo.Height*scale));
     return TRUE;
 }
 
@@ -316,13 +320,15 @@ static void DoCommand(const char * FileName, int ShowI
         if (ApplyCommand[a] == '&'){
             if (ApplyCommand[a+1] == 'i'){
                 // Input file.
-                e += sprintf(ExecString+e, "\"%s\"",FileName);
+                e += snprintf(ExecString+e, sizeof(ExecString) + e,
+		    "\"%s\"",FileName);
                 a += 1;
                 continue;
             }
             if (ApplyCommand[a+1] == 'o'){
                 // Needs an output file distinct from the input file.
-                e += sprintf(ExecString+e, "\"%s\"",TempName);
+                e += snprintf(ExecString+e, sizeof(ExecString) + e,
+		    "\"%s\"",TempName);
                 a += 1;
                 TempUsed = TRUE;
                 unlink(TempName);// Remove any pre-existing temp file
@@ -553,7 +559,8 @@ static void DoFileRenaming(const char * FileName)
                         memcpy(pat, pattern+ppos, 4);
                         pat[a-ppos] = 'd'; // Replace 'i' with 'd' for '%d'
                         pat[a-ppos+1] = '\0';
-                        sprintf(num, pat, FileSequence); // let printf do the number formatting.
+			// let printf do the number formatting.
+			snprintf(num, sizeof(num), pat, FileSequence);
                         nl = strlen(num);
                         l = strlen(pattern+a+1);
                         if (ppos+nl+l+1 >= PATH_MAX) ErrFatal("str overflow");
@@ -570,8 +577,9 @@ static void DoFileRenaming(const char * FileName)
         strftime(NewBaseName+PrefixPart, PATH_MAX, pattern, &tm);
     }else{
         // My favourite scheme.
-        sprintf(NewBaseName+PrefixPart, "%02d%02d-%02d%02d%02d",
-             tm.tm_mon+1, tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec);
+        snprintf(NewBaseName+PrefixPart, sizeof NewBaseName+PrefixPart,
+            "%02d%02d-%02d%02d%02d",
+            tm.tm_mon+1, tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec);
     }
 
     AddLetter = isdigit(NewBaseName[strlen(NewBaseName)-1]);
@@ -596,7 +604,7 @@ static void DoFileRenaming(const char * FileName)
             NameExtra[0] = 0;
         }
 
-        sprintf(NewName, "%s%s.jpg", NewBaseName, NameExtra);
+        snprintf(NewName, sizeof(NewName), "%s%s.jpg", NewBaseName, NameExtra);
 
         if (!strcmp(FileName, NewName)) break; // Skip if its already this name.
 
@@ -606,7 +614,8 @@ static void DoFileRenaming(const char * FileName)
                 printf("%s --> %s\n",FileName, NewName);
 #ifdef _WIN32
                 if (RenameAssociatedFiles){
-                    sprintf(NewName, "%s%s", NewBaseName, NameExtra);
+                    snprintf(NewName, sizeof(NewName),
+			"%s%s", NewBaseName, NameExtra);
                     RenameAssociated(FileName, NewName);
                 }
 #endif
@@ -638,7 +647,8 @@ static int DoAutoRotate(const char * FileName)
                 ErrFatal("Orientation screwup");
             }
 
-            sprintf(RotateCommand, "jpegtran -%s -outfile &o &i", Argument);
+            snprintf(RotateCommand, sizeof(RotateCommand),
+		"jpegtran -%s -outfile &o &i", Argument);
             ApplyCommand = RotateCommand;
             DoCommand(FileName, FALSE);
             ApplyCommand = NULL;
@@ -657,7 +667,8 @@ static int DoAutoRotate(const char * FileName)
                 strcpy(ThumbTempName_out, FileName);
                 strcat(ThumbTempName_out, ".tho");
                 SaveThumbnail(ThumbTempName_in);
-                sprintf(RotateCommand,"jpegtran -%s -outfile \"%s\" \"%s\"",
+                snprintf(RotateCommand, sizeof(RotateCommand),
+		    "jpegtran -%s -outfile \"%s\" \"%s\"",
                     Argument, ThumbTempName_out, ThumbTempName_in);
 
                 if (system(RotateCommand) == 0){
@@ -685,7 +696,8 @@ static int RegenerateThumbnail(const char * FileName)
         return FALSE;
     }
 
-    sprintf(ThumbnailGenCommand, "mogrify -thumbnail %dx%d \"%s\"", 
+    snprintf(ThumbnailGenCommand, sizeof(ThumbnailGenCommand),
+        "mogrify -thumbnail %dx%d \"%s\"",
         RegenThumbnail, RegenThumbnail, FileName);
 
     if (system(ThumbnailGenCommand) == 0){
@@ -1025,7 +1037,7 @@ void ProcessFile(const char * FileName)
 
             // Print to temp buffer first to avoid putting null termination in destination.
             // snprintf() would do the trick, hbut not available everywhere (like FreeBSD 4.4)
-            sprintf(TempBuf, "%04d:%02d:%02d %02d:%02d:%02d",
+            snprintf(TempBuf, sizeof(TempBuf), "%04d:%02d:%02d %02d:%02d:%02d",
                 tm.tm_year+1900, tm.tm_mon+1, tm.tm_mday,
                 tm.tm_hour, tm.tm_min, tm.tm_sec);
             
