$OpenBSD: patch-cgi_c,v 1.2 2003/04/01 20:52:59 sturm Exp $
--- cgi.c.orig	Tue Mar 11 20:26:25 2003
+++ cgi.c	Sat Mar 29 18:17:02 2003
@@ -1399,7 +1399,7 @@ jb_err cgi_error_unknown(struct client_s
    rsp->head_length = 0;
    rsp->is_static = 0;
 
-   sprintf(errnumbuf, "%d", error_to_report);
+   snprintf(errnumbuf, sizeof(errnumbuf), "%d", error_to_report);
 
    rsp->body = malloc(strlen(body_prefix) + strlen(errnumbuf) + strlen(body_suffix) + 1);
    if (rsp->body == NULL)
@@ -1596,7 +1596,7 @@ struct http_response *finish_http_respon
    /* 
     * Fill in the HTTP Status
     */
-   sprintf(buf, "HTTP/1.0 %s", rsp->status ? rsp->status : "200 OK");
+   snprintf(buf, sizeof(buf), "HTTP/1.0 %s", rsp->status ? rsp->status : "200 OK");
    err = enlist_first(rsp->headers, buf);
 
    /* 
@@ -1608,7 +1608,7 @@ struct http_response *finish_http_respon
    }
    if (!err)
    {
-      sprintf(buf, "Content-Length: %d", (int)rsp->content_length);
+      snprintf(buf, sizeof(buf), "Content-Length: %d", (int)rsp->content_length);
       err = enlist(rsp->headers, buf);
    }