$OpenBSD: patch-src_dspam_c,v 1.8 2007/12/21 14:42:23 todd Exp $
--- src/dspam.c.orig	Tue Dec 12 09:33:45 2006
+++ src/dspam.c	Thu Dec 20 18:07:56 2007
@@ -108,7 +108,6 @@ main (int argc, char *argv[])
   int exitcode = EXIT_SUCCESS;
   struct nt_node *node_nt;
   struct nt_c c_nt;
-  struct passwd *pwent;
 
   srand ((long) time << (long) getpid ());
   umask (006);                  /* rw-rw---- */
@@ -123,14 +122,11 @@ main (int argc, char *argv[])
 
   /* Cache my username and uid for trusted user security */
 
-  pwent = getpwuid(getuid());
-  if (pwent == NULL) {
+  if (!init_pwent_cache()) {
     LOG(LOG_ERR, ERR_AGENT_RUNTIME_USER);
     exitcode = EXIT_FAILURE;
     goto BAIL;
   }
-  __pw_name = strdup(pwent->pw_name);
-  __pw_uid  = pwent->pw_uid;
 
   /* Read dspam.conf into global config structure (ds_config_t) */
 
@@ -402,7 +398,7 @@ process_message (
       CTX->confidence = 1.0;
       STATUS("A virus was detected in the message contents");
       result = DSR_ISSPAM;
-      strcpy(CTX->class, LANG_CLASS_VIRUS);
+      strlcpy(CTX->class, LANG_CLASS_VIRUS, sizeof (CTX->class));
       internally_canned = 1;
       if (!dspam_getsource (CTX, ip, sizeof (ip)))
       {
@@ -419,7 +415,7 @@ process_message (
     result = DSR_ISSPAM;
     CTX->probability = 1.0;
     CTX->confidence = 1.0;
-    strcpy(CTX->class, LANG_CLASS_BLOCKLISTED);
+    strlcpy(CTX->class, LANG_CLASS_BLOCKLISTED, sizeof (CTX->class));
     internally_canned = 1;
   }
 
@@ -439,7 +435,7 @@ process_message (
         result = DSR_ISSPAM;
         CTX->probability = 1.0;
         CTX->confidence = 1.0;
-        strcpy(CTX->class, LANG_CLASS_BLACKLISTED);
+        strlcpy(CTX->class, LANG_CLASS_BLACKLISTED, sizeof (CTX->class));
         internally_canned = 1;
       }
     }
@@ -786,10 +782,10 @@ process_message (
 
     switch (CTX->result) {
       case DSR_ISSPAM:
-        strcpy(data, "Spam");
+        strlcpy(data, "Spam", sizeof (data));
         break;
       default:
-        strcpy(data, "Innocent");
+        strlcpy(data, "Innocent", sizeof (data));
         break;
     }
 
@@ -1054,7 +1050,7 @@ int tag_message(AGENT_CTX *ATX, ds_message_t message)
   int tagged = 0;
   char spam_subject[16];
 
-  strcpy(spam_subject, "[SPAM]");
+  strlcpy(spam_subject, "[SPAM]", sizeof (spam_subject));
   if (_ds_pref_val(ATX->PTX, "spamSubject")[0] != '\n' &&
       _ds_pref_val(ATX->PTX, "spamSubject")[0] != 0)
   {
@@ -1616,7 +1612,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
     if (parse_message == NULL) {
       LOG(LOG_CRIT, ERR_MEM_ALLOC);
       presult->exitcode = ERC_PROCESS;
-      strcpy(presult->text, ERR_MEM_ALLOC);
+      strlcpy(presult->text, ERR_MEM_ALLOC, sizeof (presult->text));
 
       if (ATX->results)
         nt_add(ATX->results, presult);
