$OpenBSD: patch-graphs_c,v 1.3 2011/01/05 08:19:18 giovanni Exp $ --- graphs.c.orig Thu Dec 30 14:52:23 2010 +++ graphs.c Tue Jan 4 08:52:28 2011 @@ -214,7 +214,7 @@ int year_graph6x(char *fname, char *title, struct hist if (j>28) { /* format the year string */ - sprintf(maxvaltxt, "%04d", data[i].year); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%04d", data[i].year); gdImageString(im,gdFontSmall,ci+((i-s_mth)*cs)+(j/2)-12, 236, (unsigned char *)maxvaltxt, CHLEGENDCOLOR); } @@ -227,7 +227,7 @@ int year_graph6x(char *fname, char *title, struct hist if (data[i].page > maxval) maxval = data[i].page; } if (maxval <= 0) maxval = 1; - sprintf(maxvaltxt, "%llu", maxval); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%llu", maxval); gdImageStringUp(im,gdFontSmall,6,26+(strlen(maxvaltxt)*6), (unsigned char *)maxvaltxt,CHLEGENDCOLOR); @@ -274,7 +274,7 @@ int year_graph6x(char *fname, char *title, struct hist if (data[i].visit > maxval) maxval = data[i].visit; } if (maxval <= 0) maxval = 1; - sprintf(maxvaltxt, "%llu", maxval); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%llu", maxval); gdImageStringUp(im, gdFontSmall,493,26+(strlen(maxvaltxt)*6), (unsigned char *)maxvaltxt, CHLEGENDCOLOR); @@ -310,7 +310,7 @@ int year_graph6x(char *fname, char *title, struct hist for (i=s_mth; i fmaxval) fmaxval = data[i].xfer; if (fmaxval <= 0.0) fmaxval = 1.0; - sprintf(maxvaltxt, "%s", hr_size(fmaxval*1024)); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%s", hr_size(fmaxval*1024)); i=strstr(maxvaltxt,"&")-maxvaltxt; /* search for HTML-tag  */ memset(maxvaltxt+i,' ',1); /* add space */ memcpy(maxvaltxt+i+1,maxvaltxt+i+6,strlen(maxvaltxt)-i); /* remove   */ @@ -427,7 +427,7 @@ int month_graph6( char *fname, /* filename if (data7[i] > maxval) maxval = data7[i]; } if (maxval <= 0) maxval = 1; - sprintf(maxvaltxt, "%llu", maxval); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%llu", maxval); gdImageStringUp(im, gdFontSmall,8,26+(strlen(maxvaltxt)*6), (unsigned char *)maxvaltxt,CHLEGENDCOLOR); @@ -549,7 +549,7 @@ int month_graph6( char *fname, /* filename if (data8[i]>maxval) maxval = data8[i]; } if (maxval <= 0) maxval = 1; - sprintf(maxvaltxt, "%llu", maxval); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%llu", maxval); gdImageStringUp(im, gdFontSmall,8,224+(strlen(maxvaltxt)*6), (unsigned char *)maxvaltxt, CHLEGENDCOLOR); @@ -588,7 +588,7 @@ int month_graph6( char *fname, /* filename } } if (fmaxval <= 0.0) fmaxval = 1.0; - sprintf(maxvaltxt, "%s", hr_size(fmaxval)); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%s", hr_size(fmaxval)); i=strstr(maxvaltxt,"&")-maxvaltxt; /* search for HTML-tag  */ memset(maxvaltxt+i,' ',1); /* add space */ memcpy(maxvaltxt+i+1,maxvaltxt+i+6,strlen(maxvaltxt)-i); /* remove   */ @@ -696,7 +696,7 @@ int day_graph3( char *fname, if (data3[i] > maxval) maxval = data3[i]; } if (maxval <= 0) maxval = 1; - sprintf(maxvaltxt, "%llu", maxval); + snprintf(maxvaltxt, sizeof(maxvaltxt), "%llu", maxval); gdImageStringUp(im, gdFontSmall, 8, 26+(strlen(maxvaltxt)*6), (unsigned char *)maxvaltxt, CHLEGENDCOLOR);