$OpenBSD: patch-src_configfile_c,v 1.2 2008/06/09 23:46:20 okan Exp $ --- src/configfile.c.orig Sat Apr 19 15:17:23 2008 +++ src/configfile.c Sat May 31 14:29:04 2008 @@ -379,7 +379,7 @@ int config_read(char *file) { /* sanity check the paths */ - sprintf(path_buffer,"%s/index.html",config.web_root); + snprintf(path_buffer,sizeof(path_buffer),"%s/index.html",config.web_root); if((fin=fopen(path_buffer,"r")) == NULL) { err=-1; DPRINTF(E_LOG,L_CONF,"Invalid web_root\n"); @@ -739,6 +739,7 @@ void config_emit_service_status(WS_CONNINFO *pwsc, voi int mdns_running; char *html; char buf[256]; + char tmpbuf[32]; int r_days, r_hours, r_mins, r_secs; int scanning; @@ -797,21 +798,28 @@ void config_emit_service_status(WS_CONNINFO *pwsc, voi r_mins=r_secs/60; r_secs -= 60 * r_mins; - memset(buf,0x0,sizeof(buf)); - if(r_days) - sprintf((char*)&buf[strlen(buf)],"%d day%s, ", r_days, - r_days == 1 ? "" : "s"); + memset(buf,0x0,sizeof(buf)); + if(r_days) { + snprintf(tmpbuf,sizeof(tmpbuf),"%d day%s, ", r_days, + r_days == 1 ? "" : "s"); + strlcat(buf,tmpbuf,sizeof(buf)); + } + + if(r_days || r_hours) { + snprintf(tmpbuf,sizeof(tmpbuf),"%d hour%s, ", r_hours, + r_hours == 1 ? "" : "s"); + strlcat(buf,tmpbuf,sizeof(buf)); + } - if(r_days || r_hours) - sprintf((char*)&buf[strlen(buf)],"%d hour%s, ", r_hours, - r_hours == 1 ? "" : "s"); + if(r_days || r_hours || r_mins) { + snprintf(tmpbuf,sizeof(tmpbuf),"%d minute%s, ", r_mins, + r_mins == 1 ? "" : "s"); + strlcat(buf,tmpbuf,sizeof(buf)); + } - if(r_days || r_hours || r_mins) - sprintf((char*)&buf[strlen(buf)],"%d minute%s, ", r_mins, - r_mins == 1 ? "" : "s"); - - sprintf((char*)&buf[strlen(buf)],"%d second%s ", r_secs, - r_secs == 1 ? "" : "s"); + snprintf(tmpbuf,sizeof(tmpbuf),"%d second%s ", r_secs, + r_secs == 1 ? "" : "s"); + strlcat(buf,tmpbuf,sizeof(buf)); ws_writefd(pwsc," %s\n",buf); ws_writefd(pwsc,"\n");