diff -ruN hfaxd/HylaFAXServer.c++.orig hfaxd/HylaFAXServer.c++ --- hfaxd/HylaFAXServer.c++.orig Sun Jun 13 00:41:13 1999 +++ hfaxd/HylaFAXServer.c++ Mon Jun 12 21:52:40 2000 @@ -161,9 +161,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogError(fmt, ap); } @@ -172,9 +172,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogWarning(fmt, ap); } @@ -530,7 +530,7 @@ filename, line); seqnum = 1; } - sprintf(line, "%u", NEXTSEQNUM(seqnum+count)); + snprintf(line, sizeof(line), "%u", NEXTSEQNUM(seqnum+count)); lseek(fd, 0, SEEK_SET); if (Sys::write(fd, line, strlen(line)) != strlen(line) || ftruncate(fd,strlen(line))) { diff -ruN hfaxd/Jobs.c++.orig hfaxd/Jobs.c++ --- hfaxd/Jobs.c++.orig Sun Jun 13 00:41:14 1999 +++ hfaxd/Jobs.c++ Mon Jun 12 21:52:40 2000 @@ -1646,7 +1646,8 @@ fprintf(fd, fspec, (const char*) job.company); break; case 'D': - sprintf(tmpbuf, "%2u:%-2u", job.totdials, job.maxdials); + snprintf(tmpbuf, sizeof(tmpbuf), "%2u:%-2u", job.totdials, + job.maxdials); fprintf(fd, fspec, tmpbuf); break; case 'E': @@ -1683,7 +1684,8 @@ fprintf(fd, fspec, "N "[job.useccover]); break; case 'P': - sprintf(tmpbuf, "%2u:%-2u", job.npages, job.totpages); + snprintf(tmpbuf, sizeof(tmpbuf), "%2u:%-2u", job.npages, + job.totpages); fprintf(fd, fspec, tmpbuf); break; case 'Q': @@ -1696,11 +1698,12 @@ fprintf(fd, fspec, (const char*) job.sender); break; case 'T': - sprintf(tmpbuf, "%2u:%-2u", job.tottries, job.maxtries); + snprintf(tmpbuf, sizeof(tmpbuf), "%2u:%-2u", job.tottries, + job.maxtries); fprintf(fd, fspec, tmpbuf); break; case 'U': - sprintf(tmpbuf, "%.1f", job.chopthreshold); + snprintf(tmpbuf, sizeof(tmpbuf), "%.1f", job.chopthreshold); fprintf(fd, fspec, tmpbuf); break; case 'V': diff -ruN hfaxd/OldProtocol.c++.orig hfaxd/OldProtocol.c++ --- hfaxd/OldProtocol.c++.orig Sun Jun 13 00:41:15 1999 +++ hfaxd/OldProtocol.c++ Mon Jun 12 21:52:40 2000 @@ -352,8 +352,8 @@ OldProtocolServer::vsendClient(const char* tag, const char* fmt, va_list ap) { char buf[2048]; - sprintf(buf, "%s:", tag); - vsprintf(strchr(buf,'\0'), fmt, ap); + snprintf(buf, sizeof(buf), "%s:", tag); + vsnprintf(strchr(buf,'\0'), sizeof(buf) - (strchr(buf,'\0') - buf), fmt, ap); fprintf(stdout, "%s\n", buf); if (TRACE(PROTOCOL)) logDebug("%s", buf); @@ -472,19 +472,19 @@ buf[0] = '\0'; if (pwd->pw_gecos) { if (pwd->pw_gecos[0] == '&') { - strcpy(buf, pwd->pw_name); - strcat(buf, pwd->pw_gecos+1); + strlcpy(buf, pwd->pw_name, sizeof(buf)); + strlcat(buf, pwd->pw_gecos+1, sizeof(buf)); if (islower(buf[0])) buf[0] = toupper(buf[0]); } else - strcpy(buf, pwd->pw_gecos); + strlcpy(buf, pwd->pw_gecos, sizeof(buf)); if ((cp = strchr(buf,',')) != 0) *cp = '\0'; /* see FaxClient::setupUserIdentity; strip SysV junk */ if ((cp = strchr(buf,'(')) != 0) *cp = '\0'; } else - strcpy(buf, pwd->pw_name); + strlcpy(buf, pwd->pw_name, sizeof(buf)); if (TRACE(PROTOCOL)) { if (*buf) logDebug("%s user: \"%s\"", pwd->pw_name, buf); diff -ruN hfaxd/Status.c++.orig hfaxd/Status.c++ --- hfaxd/Status.c++.orig Sun Jun 13 00:41:16 1999 +++ hfaxd/Status.c++ Mon Jun 12 21:52:40 2000 @@ -260,16 +260,16 @@ break; case 'r': if (config.maxRecvPages == (u_int) -1) - strcpy(tmpbuf, "INF"); + strlcpy(tmpbuf, "INF", sizeof(tmpbuf)); else - sprintf(tmpbuf, "%u", config.maxRecvPages); + snprintf(tmpbuf, sizeof(tmpbuf), "%u", config.maxRecvPages); fprintf(fd, fspec, config.maxRecvPages); break; case 's': fprintf(fd, fspec, (const char*) config.status); break; case 't': - sprintf(tmpbuf, "%05x:%05x", + snprintf(tmpbuf, sizeof(tmpbuf), "%05x:%05x", config.tracingLevel&0xfffff, config.logTracingLevel&0xfffff); fprintf(fd, fspec, tmpbuf);