$OpenBSD: patch-src_cfexecd_c,v 1.4 2005/07/21 15:16:46 aanriot Exp $
--- src/cfexecd.c.orig	Wed May 25 03:52:26 2005
+++ src/cfexecd.c	Fri Jul 15 12:24:00 2005
@@ -147,7 +147,7 @@ Banner("Check options");
 
 NOSPLAY = false; 
 
-sprintf(VPREFIX, "cfexecd"); 
+(void)snprintf(VPREFIX, 40, "cfexecd"); 
 openlog(VPREFIX,LOG_PID|LOG_NOWAIT|LOG_ODELAY,LOG_DAEMON);
 
 while ((c=getopt_long(argc,argv,"L:d:vhpqFV1g",CFDOPTIONS,&optindex)) != EOF)
@@ -216,15 +216,15 @@ LOGGING = true;                    /* Do
 
  /* XXX Initialize workdir for non privileged users */
 
-strcpy(CFWORKDIR,WORKDIR);
+(void)strlcpy(CFWORKDIR,WORKDIR,sizeof(CFWORKDIR));
 
 if (getuid() > 0)
    {
    char *homedir;
    if ((homedir = getenv("HOME")) != NULL)
       {
-      strcpy(CFWORKDIR,homedir);
-      strcat(CFWORKDIR,"/.cfagent");
+      (void)strlcpy(CFWORKDIR,homedir,sizeof(CFWORKDIR));
+      (void)strlcat(CFWORKDIR,"/.cfagent",sizeof(CFWORKDIR));
       }
    }
 
@@ -246,7 +246,7 @@ strncpy(VLOGDIR,CFWORKDIR,CF_BUFSIZE-1);
 VCANONICALFILE = strdup(CanonifyName(VINPUTFILE));
 GetNameInfo();
 
-strcpy(VUQNAME,VSYSNAME.nodename);
+(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE);
 
 MAILTO[0] = '\0';
 MAILFROM[0] = '\0';
@@ -555,7 +555,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip-
       DeleteItemList(VHEAP);
       VHEAP = NULL;
       GetNameInfo();
-      strcpy(VUQNAME,VSYSNAME.nodename);
+      (void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE);
       return true;
       }
    }
@@ -563,7 +563,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip-
 DeleteItemList(VHEAP);
 VHEAP = NULL; 
 GetNameInfo();
-strcpy(VUQNAME,VSYSNAME.nodename);
+(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE);
 return false;
 }
 
@@ -971,7 +971,7 @@ if (!Dialogue(sd,NULL))
    goto mail_err;
    }
  
-sprintf(VBUFF,"HELO %s\r\n",VFQNAME); 
+(void)snprintf(VBUFF,sizeof(VBUFF),"HELO %s\r\n",VFQNAME); 
 Debug("%s",VBUFF);
 
 if (!Dialogue(sd,VBUFF))
@@ -981,7 +981,7 @@ if (!Dialogue(sd,VBUFF))
 
 if (strlen(MAILFROM) > 0)
    {
-   sprintf(VBUFF,"MAIL FROM: <%s>\r\n",MAILFROM);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",MAILFROM);
    Debug("%s",VBUFF);   
    }
 else
@@ -991,12 +991,12 @@ else
    
    if (strlen(domain) > 0)
       {
-      sprintf(VBUFF,"MAIL FROM: <cfengine@%s>\r\n",domain);
+      (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <cfengine@%s>\r\n",domain);
       Debug("%s",VBUFF);
       }
    else
       {
-      sprintf(VBUFF,"MAIL FROM: <%s>\r\n",to);
+      (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",to);
       Debug("%s",VBUFF);   
       }
    }
@@ -1006,7 +1006,7 @@ if (!Dialogue(sd,VBUFF))
    goto mail_err;
    }
  
-sprintf(VBUFF,"RCPT TO: <%s>\r\n",to);
+(void)snprintf(VBUFF,sizeof(VBUFF),"RCPT TO: <%s>\r\n",to);
 Debug("%s",VBUFF);
 
 if (!Dialogue(sd,VBUFF))
@@ -1021,12 +1021,12 @@ if (!Dialogue(sd,"DATA\r\n"))
 
 if (anomaly)
    {
-   sprintf(VBUFF,"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS);
    Debug("%s",VBUFF);
    }
 else
    {
-   sprintf(VBUFF,"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS);
+   (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS);
    Debug("%s",VBUFF);
    }
  
@@ -1042,18 +1042,18 @@ sent=send(sd,VBUFF,strlen(VBUFF),0);
 
  if (strlen(MAILFROM) == 0)
     {
-    sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME);
+    (void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME);
     Debug("%s",VBUFF);
     }
  else
     {
-    sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME);
+    (void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME);
     Debug("%s",VBUFF);    
     }
  
 sent=send(sd,VBUFF,strlen(VBUFF),0);
 
-sprintf(VBUFF,"To: %s\r\n\r\n",to); 
+(void)snprintf(VBUFF,sizeof(VBUFF),"To: %s\r\n\r\n",to); 
 Debug("%s",VBUFF);
 sent=send(sd,VBUFF,strlen(VBUFF),0);
 
@@ -1066,14 +1066,14 @@ while(!feof(fp))
    if (strlen(VBUFF) > 0)
       {
       VBUFF[strlen(VBUFF)-1] = '\r';
-      strcat(VBUFF, "\n");
+      (void)strlcat(VBUFF, "\n",sizeof(VBUFF));
       count++;
       sent=send(sd,VBUFF,strlen(VBUFF),0);
       }
    
    if ((MAXLINES != INF_LINES) && (count > MAXLINES))
       {
-      sprintf(VBUFF,"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME);
+      (void)snprintf(VBUFF,sizeof(VBUFF),"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME);
       sent=send(sd,VBUFF,strlen(VBUFF),0);
       break;
       }
@@ -1095,7 +1095,7 @@ mail_err: 
 
 fclose(fp);
 close(sd); 
-sprintf(VBUFF, "Cannot mail to %s.", to);
+(void)snprintf(VBUFF, sizeof(VBUFF), "Cannot mail to %s.", to);
 CfLog(cflogonly,VBUFF,"");
 }
 
