$OpenBSD: patch-jhead_c,v 1.4 2006/05/29 17:40:24 sturm Exp $
--- jhead.c.orig	Tue May 23 08:50:41 2006
+++ jhead.c	Tue May 23 08:57:01 2006
@@ -163,7 +163,7 @@ static int FileEditComment(char * TempFi
 #endif
         }
 
-        sprintf(QuotedPath, "%s \"%s\"",Editor, TempFileName);
+        snprintf(QuotedPath, sizeof(QuotedPath), "%s \"%s\"",Editor, TempFileName);
         a = system(QuotedPath);
     }
     
@@ -269,7 +269,8 @@ static int ModifyDescriptComment(char * 
     if (!HasScandate && !ImageInfo.DateTime[0]){
         // Scan date is not in the file yet, and it doesn't have one built in.  Add it.
         char Temp[30];
-        sprintf(Temp, "scan_date=%s", ctime(&ImageInfo.FileDateTime));
+        snprintf(Temp, sizeof(Temp),
+	    "scan_date=%s", ctime(&ImageInfo.FileDateTime));
         strcat(OutComment, Temp);
         Modified = TRUE;
     }
@@ -295,7 +296,9 @@ static int AutoResizeCmdStuff(void)
 
     if (scale < 0.5) scale = 0.5; // Don't scale down by more than a factor of two.
 
-    sprintf(CommandString, "mogrify -geometry %dx%d -quality 85 &i",(int)(ImageInfo.Width*scale), (int)(ImageInfo.Height*scale));
+    snprintf(CommandString, sizeof(CommandString),
+	"mogrify -geometry %dx%d -quality 85 &i",
+	(int)(ImageInfo.Width*scale), (int)(ImageInfo.Height*scale));
     return TRUE;
 }
 
@@ -325,13 +328,15 @@ static void DoCommand(const char * FileN
         if (ApplyCommand[a] == '&'){
             if (ApplyCommand[a+1] == 'i'){
                 // Input file.
-                e += sprintf(ExecString+e, "\"%s\"",FileName);
+                e += snprintf(ExecString+e, sizeof(ExecString) + e,
+		    "\"%s\"",FileName);
                 a += 1;
                 continue;
             }
             if (ApplyCommand[a+1] == 'o'){
                 // Needs an output file distinct from the input file.
-                e += sprintf(ExecString+e, "\"%s\"",TempName);
+                e += snprintf(ExecString+e, sizeof(ExecString) + e,
+		    "\"%s\"",TempName);
                 a += 1;
                 TempUsed = TRUE;
                 unlink(TempName);// Remove any pre-existing temp file
@@ -559,7 +564,8 @@ static void DoFileRenaming(const char * 
                         memcpy(pat, pattern+ppos, 4);
                         pat[a-ppos] = 'd'; // Replace 'i' with 'd' for '%d'
                         pat[a-ppos+1] = '\0';
-                        sprintf(num, pat, FileSequence); // let printf do the number formatting.
+			// let printf do the number formatting.
+                        snprintf(num, sizeof(num), pat, FileSequence);
                         memmove(pattern+ppos+strlen(num), pattern+a+1, strlen(pattern+a+1)+1);
                         memcpy(pattern+ppos, num, strlen(num));
                         break;
@@ -573,8 +579,9 @@ static void DoFileRenaming(const char * 
         strftime(NewBaseName+PrefixPart, PATH_MAX, pattern, &tm);
     }else{
         // My favourite scheme.
-        sprintf(NewBaseName+PrefixPart, "%02d%02d-%02d%02d%02d",
-             tm.tm_mon+1, tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec);
+        snprintf(NewBaseName+PrefixPart, sizeof NewBaseName+PrefixPart,
+	    "%02d%02d-%02d%02d%02d",
+            tm.tm_mon+1, tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec);
     }
 
     for (a=0;;a++){
@@ -598,7 +605,7 @@ static void DoFileRenaming(const char * 
             NameExtra[0] = 0;
         }
 
-        sprintf(NewName, "%s%s.jpg", NewBaseName, NameExtra);
+        snprintf(NewName, sizeof(NewName), "%s%s.jpg", NewBaseName, NameExtra);
 
         if (!strcmp(FileName, NewName)) break; // Skip if its already this name.
 
@@ -608,7 +615,8 @@ static void DoFileRenaming(const char * 
                 printf("%s --> %s\n",FileName, NewName);
 #ifdef _WIN32
                 if (RenameAssociatedFiles){
-                    sprintf(NewName, "%s%s", NewBaseName, NameExtra);
+                    snprintf(NewName, sizeof(NewName),
+			"%s%s", NewBaseName, NameExtra);
                     RenameAssociated(FileName, NewName);
                 }
 #endif
@@ -640,7 +648,8 @@ static int DoAutoRotate(const char * Fil
                 ErrFatal("Orientation screwup");
             }
 
-            sprintf(RotateCommand, "jpegtran -%s -outfile &o &i", Argument);
+            snprintf(RotateCommand, sizeof(RotateCommand),
+		"jpegtran -%s -outfile &o &i", Argument);
             ApplyCommand = RotateCommand;
             DoCommand(FileName, FALSE);
             ApplyCommand = NULL;
@@ -659,7 +668,8 @@ static int DoAutoRotate(const char * Fil
                 strcpy(ThumbTempName_out, FileName);
                 strcat(ThumbTempName_out, ".tho");
                 SaveThumbnail(ThumbTempName_in);
-                sprintf(RotateCommand,"jpegtran -%s -outfile \"%s\" \"%s\"",
+                snprintf(RotateCommand, sizeof(RotateCommand),
+		    "jpegtran -%s -outfile \"%s\" \"%s\"",
                     Argument, ThumbTempName_out, ThumbTempName_in);
 
                 if (system(RotateCommand) == 0){
@@ -687,7 +697,8 @@ static int RegenerateThumbnail(const cha
         return FALSE;
     }
 
-    sprintf(ThumbnailGenCommand, "mogrify -thumbnail %dx%d \"%s\"", 
+    snprintf(ThumbnailGenCommand, sizeof(ThumbnailGenCommand),
+	"mogrify -thumbnail %dx%d \"%s\"", 
         RegenThumbnail, RegenThumbnail, FileName);
 
     if (system(ThumbnailGenCommand) == 0){
@@ -985,7 +996,7 @@ void ProcessFile(const char * FileName)
 
             // Print to temp buffer first to avoid putting null termination in destination.
             // snprintf() would do the trick ,but not available everywhere (like FreeBSD 4.4)
-            sprintf(TempBuf, "%04d:%02d:%02d %02d:%02d:%02d",
+            snprintf(TempBuf, sizeof(TempBuf), "%04d:%02d:%02d %02d:%02d:%02d",
                 tm.tm_year+1900, tm.tm_mon+1, tm.tm_mday,
                 tm.tm_hour, tm.tm_min, tm.tm_sec);