diff --git a/www/webalizer/Makefile b/www/webalizer/Makefile index b8d965e0333..42ac78a6799 100644 --- a/www/webalizer/Makefile +++ b/www/webalizer/Makefile @@ -1,11 +1,11 @@ -# $OpenBSD: Makefile,v 1.13 2002/03/30 23:20:24 brad Exp $ +# $OpenBSD: Makefile,v 1.14 2002/04/17 16:17:45 danh Exp $ COMMENT= "web server log file analysis program" -DISTNAME= webalizer-2.01-09-src -PKGNAME= webalizer-2.01.09 +DISTNAME= webalizer-2.01-10-src +PKGNAME= webalizer-2.01.10 CATEGORIES= www -NEED_VERSION= 1.475 +NEED_VERSION= 1.522 MASTER_SITES= ftp://ftp.mrunix.net/pub/webalizer/ EXTRACT_SUFX= .tgz @@ -20,7 +20,7 @@ PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WRKDIST= ${WRKDIR}/webalizer-2.01-09 +WRKDIST= ${WRKDIR}/webalizer-2.01-10 CONFIGURE_STYLE= gnu dest CONFIGURE_ARGS= --enable-dns diff --git a/www/webalizer/distinfo b/www/webalizer/distinfo index 6acaaea53c3..55c0f6d2d0b 100644 --- a/www/webalizer/distinfo +++ b/www/webalizer/distinfo @@ -1,3 +1,3 @@ -MD5 (webalizer-2.01-09-src.tgz) = 577faa996d399321ea6abb1c700b6628 -RMD160 (webalizer-2.01-09-src.tgz) = e2832e87c6474b2765471b4f10192ae4730aed7b -SHA1 (webalizer-2.01-09-src.tgz) = 5e4626a07811517f6bb6e63a114793f7673731b6 +MD5 (webalizer-2.01-10-src.tgz) = 9217595005aec46a505e1fb349052a8e +RMD160 (webalizer-2.01-10-src.tgz) = fba235649be96914aae9664ce34d0b9098106100 +SHA1 (webalizer-2.01-10-src.tgz) = b13bceac94b221b5435d45b142d30663d7399f40 diff --git a/www/webalizer/patches/patch-Makefile_in b/www/webalizer/patches/patch-Makefile_in index 0d2d2362508..cface218a8a 100644 --- a/www/webalizer/patches/patch-Makefile_in +++ b/www/webalizer/patches/patch-Makefile_in @@ -1,6 +1,6 @@ -$OpenBSD: patch-Makefile_in,v 1.5 2002/03/25 14:56:55 brad Exp $ ---- Makefile.in.orig Tue Oct 17 00:15:53 2000 -+++ Makefile.in Mon Mar 25 09:28:43 2002 +$OpenBSD: patch-Makefile_in,v 1.6 2002/04/17 16:17:45 danh Exp $ +--- Makefile.in.orig Wed Apr 17 11:40:20 2002 ++++ Makefile.in Wed Apr 17 11:41:02 2002 @@ -86,9 +86,9 @@ distclean: clean install: all $(INSTALL_PROGRAM) webalizer ${BINDIR}/webalizer diff --git a/www/webalizer/patches/patch-dns_resolv_c b/www/webalizer/patches/patch-dns_resolv_c new file mode 100644 index 00000000000..5ccc5cc3984 --- /dev/null +++ b/www/webalizer/patches/patch-dns_resolv_c @@ -0,0 +1,32 @@ +$OpenBSD: patch-dns_resolv_c,v 1.3 2002/04/17 16:17:45 danh Exp $ +--- dns_resolv.c.orig Wed Apr 17 11:45:23 2002 ++++ dns_resolv.c Wed Apr 17 11:46:53 2002 +@@ -153,7 +153,7 @@ void resolve_dns(struct log_struct *log_ + case 0: + { + memcpy(&alignedRecord, response.data, sizeof(struct dnsRecord)); +- strncpy (log_rec->hostname, ++ strlcpy (log_rec->hostname, + ((struct dnsRecord *)response.data)->hostName, + MAXHOST); + log_rec->hostname[MAXHOST]=0; +@@ -263,7 +263,7 @@ int dns_resolver(void *log_fp) + continue; /* go get next record if any */ + } + +- strcpy(tmp_buf, buffer); /* save buffer in case of error */ ++ strlcpy(tmp_buf, buffer, sizeof tmp_buf); /* save buffer in case of error */ + if(parse_record(buffer)) /* parse the record */ + { + if((log_rec.addr.s_addr = inet_addr(log_rec.hostname)) != INADDR_NONE) +@@ -446,8 +446,8 @@ static void process_list(DNODEPTR l_list + + /* If long hostname, take max domain name part */ + if ((size = strlen(res_ent->h_name)) > MAXHOST-2) +- strcpy(child_buf,(res_ent->h_name+(size-MAXHOST+1))); +- else strcpy(child_buf, res_ent->h_name); ++ strlcpy(child_buf,(res_ent->h_name+(size-MAXHOST+1)),sizeof child_buf); ++ else strlcpy(child_buf, res_ent->h_name, sizeof child_buf); + size = strlen(child_buf); + } + else diff --git a/www/webalizer/patches/patch-graphs_c b/www/webalizer/patches/patch-graphs_c new file mode 100644 index 00000000000..d3075099f5e --- /dev/null +++ b/www/webalizer/patches/patch-graphs_c @@ -0,0 +1,84 @@ +$OpenBSD: patch-graphs_c,v 1.1 2002/04/17 16:17:45 danh Exp $ +--- graphs.c.orig Wed Apr 17 11:07:33 2002 ++++ graphs.c Wed Apr 17 11:11:43 2002 +@@ -137,7 +137,7 @@ int year_graph6x( char *fname, + if (data5[i] > maxval) maxval = data5[i]; + } + if (maxval <= 0) maxval = 1; +- sprintf(maxvaltxt, "%lu", maxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%lu", maxval); + gdImageStringUp(im,gdFontSmall,8,26+(strlen(maxvaltxt)*6),maxvaltxt,black); + + if (graph_legend) /* print color coded legends? */ +@@ -221,7 +221,7 @@ int year_graph6x( char *fname, + if (data6[i] > maxval) maxval = data6[i]; + } + if (maxval <= 0) maxval = 1; +- sprintf(maxvaltxt, "%lu", maxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%lu", maxval); + gdImageStringUp(im, gdFontSmall,493,26+(strlen(maxvaltxt)*6), + maxvaltxt, black); + +@@ -257,7 +257,7 @@ int year_graph6x( char *fname, + for (i=0; i<12; i++) + if (data4[i] > fmaxval) fmaxval = data4[i]; /* get max val */ + if (fmaxval <= 0.0) fmaxval = 1.0; +- sprintf(maxvaltxt, "%.0f", fmaxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%.0f", fmaxval); + gdImageStringUp(im, gdFontSmall,493,130+(strlen(maxvaltxt)*6), + maxvaltxt,black); + +@@ -354,7 +354,7 @@ int month_graph6( char *fname, + if (data5[i] > maxval) maxval = data5[i]; + } + if (maxval <= 0) maxval = 1; +- sprintf(maxvaltxt, "%lu", maxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%lu", maxval); + gdImageStringUp(im, gdFontSmall,8,26+(strlen(maxvaltxt)*6), + maxvaltxt,black); + +@@ -434,7 +434,7 @@ int month_graph6( char *fname, + if (data6[i]>maxval) maxval = data6[i]; + } + if (maxval <= 0) maxval = 1; +- sprintf(maxvaltxt, "%lu", maxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%lu", maxval); + gdImageStringUp(im, gdFontSmall,8,180+(strlen(maxvaltxt)*6), + maxvaltxt, black); + +@@ -467,7 +467,7 @@ int month_graph6( char *fname, + for (i=0; i<31; i++) + if (data4[i]>fmaxval) fmaxval = data4[i]; + if (fmaxval <= 0.0) fmaxval = 1.0; +- sprintf(maxvaltxt, "%.0f", fmaxval/1024); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%.0f", fmaxval/1024); + gdImageStringUp(im, gdFontSmall,8,280+(strlen(maxvaltxt)*6), + maxvaltxt, black); + +@@ -531,7 +531,7 @@ int day_graph3( char *fname, + if (data3[i] > maxval) maxval = data3[i]; + } + if (maxval <= 0) maxval = 1; +- sprintf(maxvaltxt, "%lu", maxval); ++ snprintf(maxvaltxt, sizeof maxvaltxt, "%lu", maxval); + gdImageStringUp(im, gdFontSmall, 8, 26+(strlen(maxvaltxt)*6), + maxvaltxt, black); + +@@ -654,7 +654,7 @@ int pie_chart(char *fname, char *title, + gdImageLine(im, CX, CY, gdata.x, gdata.y, black); + gdImageFill(im, gdata.mx, gdata.my, i+4); + +- sprintf(buffer,"%s (%d%%)",legend[i], percent); ++ snprintf(buffer, sizeof buffer, "%s (%d%%)",legend[i], percent); + x=480-(strlen(buffer)*7); + gdImageString(im,gdFontMediumBold, x+1, y+1, buffer, black); + gdImageString(im,gdFontMediumBold, x, y, buffer, i+4); +@@ -667,7 +667,7 @@ int pie_chart(char *fname, char *title, + gdata=*calc_arc(s_arc,1.0); + + gdImageFill(im, gdata.mx, gdata.my, white); +- sprintf(buffer,"%s (%d%%)",msg_h_other,100-(int)(s_arc*100)); ++ snprintf(buffer, sizeof buffer, "%s (%d%%)",msg_h_other,100-(int)(s_arc*100)); + x=480-(strlen(buffer)*7); + gdImageString(im,gdFontMediumBold, x+1, y+1, buffer, black); + gdImageString(im,gdFontMediumBold, x, y, buffer, white); diff --git a/www/webalizer/patches/patch-linklist_c b/www/webalizer/patches/patch-linklist_c new file mode 100644 index 00000000000..244911196e8 --- /dev/null +++ b/www/webalizer/patches/patch-linklist_c @@ -0,0 +1,33 @@ +$OpenBSD: patch-linklist_c,v 1.1 2002/04/17 16:17:45 danh Exp $ +--- linklist.c.orig Wed Apr 17 11:15:16 2002 ++++ linklist.c Wed Apr 17 11:18:20 2002 +@@ -118,7 +118,7 @@ NLISTPTR new_nlist(char *str) + fprintf(stderr,"[new_nlist] %s\n",msg_big_one); + } + if (( newptr = malloc(sizeof(struct nlist))) != NULL) +- {strncpy(newptr->string, str, sizeof(newptr->string));newptr->next=NULL;} ++ {strlcpy(newptr->string, str, sizeof(newptr->string));newptr->next=NULL;} + return newptr; + } + +@@ -176,8 +176,8 @@ GLISTPTR new_glist(char *str, char *name + } + if (( newptr = malloc(sizeof(struct glist))) != NULL) + { +- strncpy(newptr->string, str, sizeof(newptr->string)); +- strncpy(newptr->name, name, sizeof(newptr->name)); ++ strlcpy(newptr->string, str, sizeof(newptr->string)); ++ strlcpy(newptr->name, name, sizeof(newptr->name)); + newptr->next=NULL; + } + return newptr; +@@ -194,8 +194,7 @@ int add_glist(char *str, GLISTPTR *list) + char *name=temp_buf; + + /* make local copy of string */ +- strncpy(temp_buf,str,79); +- temp_buf[79]=0; ++ strlcpy(temp_buf,str,sizeof temp_buf); + + while (!isspace((int)*name)&&*name!=0) name++; + if (*name==0) name=temp_buf; diff --git a/www/webalizer/patches/patch-output_c b/www/webalizer/patches/patch-output_c new file mode 100644 index 00000000000..9877671226d --- /dev/null +++ b/www/webalizer/patches/patch-output_c @@ -0,0 +1,213 @@ +$OpenBSD: patch-output_c,v 1.1 2002/04/17 16:17:45 danh Exp $ +--- output.c.orig Wed Apr 17 11:19:13 2002 ++++ output.c Wed Apr 17 11:24:20 2002 +@@ -295,14 +295,14 @@ int write_month_html() + hist_lday[i] = l_day; + + /* fill in filenames */ +- sprintf(html_fname,"usage_%04d%02d.%s",cur_year,cur_month,html_ext); +- sprintf(png1_fname,"daily_usage_%04d%02d.png",cur_year,cur_month); +- sprintf(png2_fname,"hourly_usage_%04d%02d.png",cur_year,cur_month); ++ snprintf(html_fname,sizeof html_fname,"usage_%04d%02d.%s",cur_year,cur_month,html_ext); ++ snprintf(png1_fname,sizeof png1_fname,"daily_usage_%04d%02d.png",cur_year,cur_month); ++ snprintf(png2_fname,sizeof png2_fname,"hourly_usage_%04d%02d.png",cur_year,cur_month); + + /* create PNG images for web page */ + if (daily_graph) + { +- sprintf(dtitle,"%s %s %d",msg_hmth_du,l_month[cur_month-1],cur_year); ++ snprintf(dtitle,sizeof dtitle,"%s %s %d",msg_hmth_du,l_month[cur_month-1],cur_year); + month_graph6 ( png1_fname, /* filename */ + dtitle, /* graph title */ + cur_month, /* graph month */ +@@ -317,7 +317,7 @@ int write_month_html() + + if (hourly_graph) + { +- sprintf(htitle,"%s %s %d",msg_hmth_hu,l_month[cur_month-1],cur_year); ++ snprintf(htitle,sizeof htitle,"%s %s %d",msg_hmth_hu,l_month[cur_month-1],cur_year); + day_graph3( png2_fname, + htitle, + th_hit, +@@ -329,7 +329,7 @@ int write_month_html() + /* first, open the file */ + if ( (out_fp=open_out_file(html_fname))==NULL ) return 1; + +- sprintf(buffer,"%s %d",l_month[cur_month-1],cur_year); ++ snprintf(buffer,sizeof buffer,"%s %d",l_month[cur_month-1],cur_year); + write_html_head(buffer, out_fp); + month_links(); + month_total_table(); +@@ -938,12 +938,12 @@ int all_sites_page(u_long h_reg, u_long + int i=(h_grp)?1:0; + + /* generate file name */ +- sprintf(site_fname,"site_%04d%02d.%s",cur_year,cur_month,html_ext); ++ snprintf(site_fname,sizeof site_fname,"site_%04d%02d.%s",cur_year,cur_month,html_ext); + + /* open file */ + if ( (out_fp=open_out_file(site_fname))==NULL ) return 0; + +- sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_sites); ++ snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_sites); + write_html_head(buffer, out_fp); + + fprintf(out_fp,"
\n");
+@@ -1143,12 +1143,12 @@ int all_urls_page(u_long u_reg, u_long u
+    int      i=(u_grp)?1:0;
+ 
+    /* generate file name */
+-   sprintf(url_fname,"url_%04d%02d.%s",cur_year,cur_month,html_ext);
++   snprintf(url_fname,sizeof url_fname,"url_%04d%02d.%s",cur_year,cur_month,html_ext);
+ 
+    /* open file */
+    if ( (out_fp=open_out_file(url_fname))==NULL ) return 0;
+ 
+-   sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_url);
++   snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_url);
+    write_html_head(buffer, out_fp);
+ 
+    fprintf(out_fp,"
\n");
+@@ -1414,12 +1414,12 @@ int all_refs_page(u_long r_reg, u_long r
+    int      i=(r_grp)?1:0;
+ 
+    /* generate file name */
+-   sprintf(ref_fname,"ref_%04d%02d.%s",cur_year,cur_month,html_ext);
++   snprintf(ref_fname,sizeof ref_fname,"ref_%04d%02d.%s",cur_year,cur_month,html_ext);
+ 
+    /* open file */
+    if ( (out_fp=open_out_file(ref_fname))==NULL ) return 0;
+ 
+-   sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_ref);
++   snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_ref);
+    write_html_head(buffer, out_fp);
+ 
+    fprintf(out_fp,"
\n");
+@@ -1566,12 +1566,12 @@ int all_agents_page(u_long a_reg, u_long
+    int      i=(a_grp)?1:0;
+ 
+    /* generate file name */
+-   sprintf(agent_fname,"agent_%04d%02d.%s",cur_year,cur_month,html_ext);
++   snprintf(agent_fname,sizeof agent_fname,"agent_%04d%02d.%s",cur_year,cur_month,html_ext);
+ 
+    /* open file */
+    if ( (out_fp=open_out_file(agent_fname))==NULL ) return 0;
+ 
+-   sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_agent);
++   snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_agent);
+    write_html_head(buffer, out_fp);
+ 
+    fprintf(out_fp,"
\n");
+@@ -1700,12 +1700,12 @@ int all_search_page(u_long tot_num, u_lo
+    if (!tot_num) return 0;
+ 
+    /* generate file name */
+-   sprintf(search_fname,"search_%04d%02d.%s",cur_year,cur_month,html_ext);
++   snprintf(search_fname,sizeof search_fname,"search_%04d%02d.%s",cur_year,cur_month,html_ext);
+ 
+    /* open file */
+    if ( (out_fp=open_out_file(search_fname))==NULL ) return 0;
+ 
+-   sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_search);
++   snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_search);
+    write_html_head(buffer, out_fp);
+ 
+    fprintf(out_fp,"
\n");
+@@ -1843,12 +1843,12 @@ int all_users_page(u_long i_reg, u_long 
+    int      i=(i_grp)?1:0;
+ 
+    /* generate file name */
+-   sprintf(user_fname,"user_%04d%02d.%s",cur_year,cur_month,html_ext);
++   snprintf(user_fname,sizeof user_fname,"user_%04d%02d.%s",cur_year,cur_month,html_ext);
+ 
+    /* open file */
+    if ( (out_fp=open_out_file(user_fname))==NULL ) return 0;
+ 
+-   sprintf(buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_uname);
++   snprintf(buffer,sizeof buffer,"%s %d - %s",l_month[cur_month-1],cur_year,msg_h_uname);
+    write_html_head(buffer, out_fp);
+ 
+    fprintf(out_fp,"
\n");
+@@ -1998,8 +1998,8 @@ void top_ctry_table()
+          pie_data[i]=top_ctrys[i]->count;           /* load the array       */
+          pie_legend[i]=top_ctrys[i]->desc;
+       }
+-      sprintf(pie_title,"%s %s %d",msg_ctry_use,l_month[cur_month-1],cur_year);
+-      sprintf(pie_fname,"ctry_usage_%04d%02d.png",cur_year,cur_month);
++      snprintf(pie_title,sizeof pie_title,"%s %s %d",msg_ctry_use,l_month[cur_month-1],cur_year);
++      snprintf(pie_fname,sizeof pie_fname,"ctry_usage_%04d%02d.png",cur_year,cur_month);
+ 
+       pie_chart(pie_fname,pie_title,t_hit,pie_data,pie_legend);  /* do it   */
+ 
+@@ -2063,7 +2063,7 @@ void dump_all_sites()
+    u_long   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/site_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/site_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2106,7 +2106,7 @@ void dump_all_urls()
+    u_long   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/url_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/url_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2146,7 +2146,7 @@ void dump_all_refs()
+    u_long   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/ref_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/ref_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2185,7 +2185,7 @@ void dump_all_agents()
+    u_char   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/agent_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/agent_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2224,7 +2224,7 @@ void dump_all_users()
+    u_long   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/user_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/user_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2267,7 +2267,7 @@ void dump_all_search()
+    u_char   cnt=a_ctr;
+ 
+    /* generate file name */
+-   sprintf(filename,"%s/search_%04d%02d.%s",
++   snprintf(filename,sizeof filename,"%s/search_%04d%02d.%s",
+       (dump_path)?dump_path:".",cur_year,cur_month,dump_ext);
+ 
+    /* open file */
+@@ -2312,7 +2312,7 @@ int write_main_index()
+ 
+    if (verbose>1) printf("%s\n",msg_gen_sum);
+ 
+-   sprintf(buffer,"%s %s",msg_main_us,hname);
++   snprintf(buffer,sizeof buffer,"%s %s",msg_main_us,hname);
+ 
+    for (i=0;i<12;i++)                   /* get last month in history */
+    {
+@@ -2338,7 +2338,7 @@ int write_main_index()
+                    hist_visit);         /* data set 6        */
+ 
+    /* now do html stuff... */
+-   sprintf(index_fname,"index.%s",html_ext);
++   snprintf(index_fname,sizeof index_fname,"index.%s",html_ext);
+ 
+    if ( (out_fp=fopen(index_fname,"w")) == NULL)
+    {
diff --git a/www/webalizer/patches/patch-parser_c b/www/webalizer/patches/patch-parser_c
new file mode 100644
index 00000000000..5fca9bde131
--- /dev/null
+++ b/www/webalizer/patches/patch-parser_c
@@ -0,0 +1,23 @@
+$OpenBSD: patch-parser_c,v 1.1 2002/04/17 16:17:45 danh Exp $
+--- parser.c.orig	Wed Apr 17 11:26:51 2002
++++ parser.c	Wed Apr 17 11:33:35 2002
+@@ -162,7 +162,7 @@ int parse_record_ftp(char *buffer)
+    if (i<1 || i>31) return 0;
+ 
+    /* format date/time field         */
+-   sprintf(log_rec.datetime,"[%02d/%s/%4d:%s -0000]",i,cpx,j,cpy);
++   snprintf(log_rec.datetime,sizeof log_rec.datetime,"[%02d/%s/%4d:%s -0000]",i,cpx,j,cpy);
+ 
+    /* skip seconds... */
+    while (*cp1!=0 && cp11)
+    {
+-      sprintf(buffer,"%02d/%02d/%04d %02d:%02d:%02d",
++      snprintf(buffer,sizeof buffer,"%02d/%02d/%04d %02d:%02d:%02d",
+        cur_month,cur_day,cur_year,cur_hour,cur_min,cur_sec);
+       printf("%s [%s]\n",msg_put_data,buffer);
+    }
+ 
+    /* first, save the easy stuff */
+    /* Header record */
+-   sprintf(buffer,
++   snprintf(buffer,sizeof buffer,
+      "# Webalizer V%s-%s Incremental Data - %02d/%02d/%04d %02d:%02d:%02d\n",
+       version,editlvl,cur_month,cur_day,cur_year,cur_hour,cur_min,cur_sec);
+    if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+ 
+    /* Current date/time          */
+-   sprintf(buffer,"%d %d %d %d %d %d\n",
++   snprintf(buffer,sizeof buffer,"%d %d %d %d %d %d\n",
+         cur_year, cur_month, cur_day, cur_hour, cur_min, cur_sec);
+    if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+ 
+    /* Monthly totals for sites, urls, etc... */
+-   sprintf(buffer,"%lu %lu %lu %lu %lu %lu %.0f %lu %lu %lu\n",
++   snprintf(buffer,sizeof buffer,"%lu %lu %lu %lu %lu %lu %.0f %lu %lu %lu\n",
+         t_hit, t_file, t_site, t_url,
+         t_ref, t_agent, t_xfer, t_page, t_visit, t_user);
+    if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+ 
+    /* Daily totals for sites, urls, etc... */
+-   sprintf(buffer,"%lu %lu %lu %d %d\n",
++   snprintf(buffer,sizeof buffer,"%lu %lu %lu %d %d\n",
+         dt_site, ht_hit, mh_hit, f_day, l_day);
+    if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+ 
+    /* Monthly (by day) total array */
+    for (i=0;i<31;i++)
+    {
+-      sprintf(buffer,"%lu %lu %.0f %lu %lu %lu\n",
++      snprintf(buffer,sizeof buffer,"%lu %lu %.0f %lu %lu %lu\n",
+         tm_hit[i],tm_file[i],tm_xfer[i],tm_site[i],tm_page[i],tm_visit[i]);
+       if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+    }
+@@ -235,7 +235,7 @@ int save_state()
+    /* Daily (by hour) total array */
+    for (i=0;i<24;i++)
+    {
+-      sprintf(buffer,"%lu %lu %.0f %lu\n",
++      snprintf(buffer,sizeof buffer,"%lu %lu %.0f %lu\n",
+         th_hit[i],th_file[i],th_xfer[i],th_page[i]);
+       if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+    }
+@@ -243,7 +243,7 @@ int save_state()
+    /* Response codes */
+    for (i=0;istring,
++         snprintf(buffer,sizeof buffer,"%s\n%d %lu %lu %.0f %lu %lu\n", uptr->string,
+               uptr->flag, uptr->count, uptr->files, uptr->xfer,
+               uptr->entry, uptr->exit);
+          if (fputs(buffer,fp)==EOF) return 1;
+@@ -272,7 +272,7 @@ int save_state()
+       hptr=sm_htab[i];
+       while (hptr!=NULL)
+       {
+-         sprintf(buffer,"%s\n%d %lu %lu %.0f %lu %lu\n%s\n",
++         snprintf(buffer,sizeof buffer,"%s\n%d %lu %lu %.0f %lu %lu\n%s\n",
+               hptr->string,
+               hptr->flag,
+               hptr->count,
+@@ -294,7 +294,7 @@ int save_state()
+       hptr=sd_htab[i];
+       while (hptr!=NULL)
+       {
+-         sprintf(buffer,"%s\n%d %lu %lu %.0f %lu %lu\n%s\n",
++         snprintf(buffer,sizeof buffer,"%s\n%d %lu %lu %.0f %lu %lu\n%s\n",
+               hptr->string,
+               hptr->flag,
+               hptr->count,
+@@ -318,7 +318,7 @@ int save_state()
+          rptr=rm_htab[i];
+          while (rptr!=NULL)
+          {
+-            sprintf(buffer,"%s\n%d %lu\n", rptr->string,
++            snprintf(buffer,sizeof buffer,"%s\n%d %lu\n", rptr->string,
+                  rptr->flag, rptr->count);
+             if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+             rptr=rptr->next;
+@@ -336,7 +336,7 @@ int save_state()
+          aptr=am_htab[i];
+          while (aptr!=NULL)
+          {
+-            sprintf(buffer,"%s\n%d %lu\n", aptr->string,
++            snprintf(buffer,sizeof buffer,"%s\n%d %lu\n", aptr->string,
+                  aptr->flag, aptr->count);
+             if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+             aptr=aptr->next;
+@@ -352,7 +352,7 @@ int save_state()
+       sptr=sr_htab[i];
+       while (sptr!=NULL)
+       {
+-         sprintf(buffer,"%s\n%lu\n", sptr->string,sptr->count);
++         snprintf(buffer,sizeof buffer,"%s\n%lu\n", sptr->string,sptr->count);
+          if (fputs(buffer,fp)==EOF) return 1;  /* error exit */
+          sptr=sptr->next;
+       }
+@@ -367,7 +367,7 @@ int save_state()
+       iptr=im_htab[i];
+       while (iptr!=NULL)
+       {
+-         sprintf(buffer,"%s\n%d %lu %lu %.0f %lu %lu\n",
++         snprintf(buffer,sizeof buffer,"%s\n%d %lu %lu %.0f %lu %lu\n",
+               iptr->string,
+               iptr->flag,
+               iptr->count,
+@@ -417,7 +417,7 @@ int restore_state()
+    if (verbose>1) printf("%s %s\n",msg_get_data,state_fname);
+ 
+    /* get easy stuff */
+-   sprintf(tmp_buf,"# Webalizer V%s    ",version);
++   snprintf(tmp_buf,sizeof tmp_buf,"# Webalizer V%s    ",version);
+    if ((fgets(buffer,BUFSIZE,fp)) != NULL)                 /* Header record */
+      {if (strncmp(buffer,tmp_buf,17)) return 99;} /* bad magic? */
+    else return 1;   /* error exit */
+@@ -493,8 +493,7 @@ int restore_state()
+    while ((fgets(buffer,BUFSIZE,fp)) != NULL)
+    {
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXURLH);
+-      tmp_buf[strlen(tmp_buf)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 10;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 10;  /* error exit */
+@@ -524,8 +523,7 @@ int restore_state()
+    {
+       /* Check for end of table */
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXHOST);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 8;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 8;  /* error exit */
+@@ -564,8 +562,7 @@ int restore_state()
+    {
+       /* Check for end of table */
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXHOST);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 9;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 9;  /* error exit */
+@@ -603,8 +600,7 @@ int restore_state()
+    while ((fgets(buffer,BUFSIZE,fp)) != NULL)
+    {
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXREFH);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 11;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 11;  /* error exit */
+@@ -628,8 +624,7 @@ int restore_state()
+    while ((fgets(buffer,BUFSIZE,fp)) != NULL)
+    {
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXAGENT);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 12;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 12;  /* error exit */
+@@ -653,8 +648,7 @@ int restore_state()
+    while ((fgets(buffer,BUFSIZE,fp)) != NULL)
+    {
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXSRCH);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strlcpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 13;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 13;  /* error exit */
+@@ -678,8 +672,7 @@ int restore_state()
+    {
+       /* Check for end of table */
+       if (!strncmp(buffer,"# End Of Table ",15)) break;
+-      strncpy(tmp_buf,buffer,MAXIDENT);
+-      tmp_buf[strlen(buffer)-1]=0;
++      strncpy(tmp_buf,buffer,sizeof tmp_buf);
+ 
+       if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 14;  /* error exit */
+       if (!isdigit((int)buffer[0])) return 14;  /* error exit */
diff --git a/www/webalizer/patches/patch-sample_conf b/www/webalizer/patches/patch-sample_conf
index 6e5ce1bc45d..87491719843 100644
--- a/www/webalizer/patches/patch-sample_conf
+++ b/www/webalizer/patches/patch-sample_conf
@@ -1,6 +1,6 @@
-$OpenBSD: patch-sample_conf,v 1.1 2000/11/20 00:46:32 danh Exp $
---- sample.conf.orig	Sun Nov 19 19:32:10 2000
-+++ sample.conf	Sun Nov 19 19:33:39 2000
+$OpenBSD: patch-sample_conf,v 1.2 2002/04/17 16:17:45 danh Exp $
+--- sample.conf.orig	Wed Apr 17 11:41:44 2002
++++ sample.conf	Wed Apr 17 11:42:47 2002
 @@ -25,7 +25,7 @@
  # the log filename ends in '.gz' (ie: a gzip compressed file), it will
  # be decompressed on the fly as it is being read.
@@ -19,3 +19,12 @@ $OpenBSD: patch-sample_conf,v 1.1 2000/11/20 00:46:32 danh Exp $
  
  # HistoryName allows you to specify the name of the history file produced
  # by the Webalizer.  The history file keeps the data for up to 12 months
+@@ -540,7 +540,7 @@ SearchEngine	northernlight.com  qr=
+ # it will default to the current output directory.  Do not use a
+ # trailing slash ('/').
+ 
+-#DumpPath	/var/lib/httpd/logs
++#DumpPath	/var/www/logs
+ 
+ # The DumpHeader keyword specifies if a header record should be
+ # written to the file.  A header record is the first record of the
diff --git a/www/webalizer/patches/patch-webalizer_c b/www/webalizer/patches/patch-webalizer_c
new file mode 100644
index 00000000000..ef420c1e27c
--- /dev/null
+++ b/www/webalizer/patches/patch-webalizer_c
@@ -0,0 +1,48 @@
+$OpenBSD: patch-webalizer_c,v 1.3 2002/04/17 16:17:45 danh Exp $
+--- webalizer.c.orig	Wed Apr 17 11:59:59 2002
++++ webalizer.c	Wed Apr 17 12:05:26 2002
+@@ -263,7 +263,7 @@ int main(int argc, char *argv[])
+    /* add default index. alias */
+    add_nlist("index.",&index_alias);
+ 
+-   sprintf(tmp_buf,"%s/webalizer.conf",ETCDIR);
++   snprintf(tmp_buf,sizeof tmp_buf,"%s/webalizer.conf",ETCDIR);
+    /* check for default config file */
+    if (!access("webalizer.conf",F_OK))
+       get_config("webalizer.conf");
+@@ -560,7 +560,7 @@ int main(int argc, char *argv[])
+       }
+ 
+       /* got a record... */
+-      strcpy(tmp_buf, buffer);            /* save buffer in case of error */
++      strlcpy(tmp_buf, buffer, sizeof tmp_buf);            /* save buffer in case of error */
+       if (parse_record(buffer))           /* parse the record             */
+       {
+          /*********************************************/
+@@ -750,7 +750,7 @@ int main(int argc, char *argv[])
+                if (!isurlchar(*cp1))
+                {
+                   /* Save query portion in log.rec.srchstr */
+-                  strncpy(log_rec.srchstr,cp1,MAXSRCH);
++                  strlcpy(log_rec.srchstr,cp1,sizeof log_rec.srchstr);
+                   *cp1++='\0';
+                   break;
+                }
+@@ -1007,7 +1007,7 @@ int main(int argc, char *argv[])
+ 
+          /* Catch blank hostnames here */
+          if (log_rec.hostname[0]=='\0')
+-            strncpy(log_rec.hostname,"Unknown",8);
++            strlcpy(log_rec.hostname,"Unknown",sizeof log_rec.hostname);
+ 
+          /* Ignore/Include check */
+          if ( (isinlist(include_sites,log_rec.hostname)==NULL) &&
+@@ -1809,7 +1809,7 @@ void srch_string(char *ptr)
+    if ( (cps=isinglist(search_list,log_rec.refer))==NULL) return; 
+ 
+    /* Try to find query variable */
+-   srch[0]='?'; strcpy(&srch[1],cps);              /* First, try "?..."      */
++   srch[0]='?'; strlcpy(&srch[1],cps,(sizeof srch) - 1);              /* First, try "?..."      */
+    if ((cp1=strstr(ptr,srch))==NULL)
+    {
+       srch[0]='&';                                 /* Next, try "&..."       */