$OpenBSD: patch-gnats_config_c,v 1.1 2003/08/25 23:35:06 brad Exp $
--- gnats/config.c.orig	Thu Nov  5 12:54:11 1998
+++ gnats/config.c	Wed Jul  2 13:23:13 2003
@@ -106,6 +106,7 @@ configure()
 {
   FILE *fp;
   char line[STR_MAX];
+  size_t len;
 
 #ifndef STDCINIT
   confs[0].key = "GNATS_ADDR"; confs[0].val = gnats_addr;
@@ -140,8 +141,9 @@ configure()
     xfree (fname);
   
 #define CONFSTR "%s/gnats-adm/config"
-  fname = xmalloc (strlen (gnats_root) + sizeof (CONFSTR) - 1);
-  sprintf (fname, CONFSTR, gnats_root);
+  len = strlen (gnats_root) + sizeof (CONFSTR) - 1;
+  fname = xmalloc (len);
+  snprintf (fname, len, CONFSTR, gnats_root);
   
   fp = fopen (fname, "r");
   
@@ -163,10 +165,10 @@ configure()
 	    {
 	      /* Mimic somewhat the sh interpretation of the line.  */
 	      if (*p == '\'')
-		strcpy (confs[i].val, safe_strtok(p+1, "'"));
+		strlcpy (confs[i].val, safe_strtok(p+1, "'"), n+1);
 	      else if (*p == '"')
-		strcpy (confs[i].val, string_extract_double_quoted(p+1));
-	      else strcpy (confs[i].val, safe_strtok(p, " \t\n"));
+		strlcpy (confs[i].val, string_extract_double_quoted(p+1), n+1);
+	      else strlcpy (confs[i].val, safe_strtok(p, " \t\n"), n+1);
 	    }
 	  break;
 	}
@@ -196,9 +198,11 @@ string_extract_double_quoted (string)
   register int c, j, i;		/* character, temp pos, str pos */
   char *temp;			/* The new string we return. */
   int pass_next;		/* State variables for the machine. */
+  size_t len;
 
   pass_next = 0;
-  temp = (char *)xmalloc (strlen (string) + 1);
+  len = strlen (string) + 1;
+  temp = (char *)xmalloc (len);
 
   for (j = 0, i = 0; (c = string[i]) != '\0'; i++)
     {
@@ -234,7 +238,7 @@ string_extract_double_quoted (string)
       temp[j++] = c;
     }
   temp[j] = '\0';
-  strcpy (string, temp);
+  strlcpy (string, temp, len);
   xfree (temp);
   return (string);
 }