[packages/cscope.git] / cscope-CVE-2004-2541.patch

--- cscope-15.6/src/build.c.orig	2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/build.c	2006-10-04 21:52:50.552160750 +0200
@@ -223,7 +223,7 @@
     if (strcmp(currentdir, home) == 0) {
 	strcpy(newdir, "$HOME");
     } else if (strncmp(currentdir, home, strlen(home)) == 0) {
-	sprintf(newdir, "$HOME%s", currentdir + strlen(home));
+	snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
     }
     /* sort the source file names (needed for rebuilding) */
     qsort(srcfiles, nsrcfiles, sizeof(char *), compare);
@@ -454,7 +454,7 @@
 	}
 	fstat(fileno(postings), &statstruct);
 	fclose(postings);
-	sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
+	snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
 	if ((postings = mypopen(sortcommand, "r")) == NULL) {
 	    fprintf(stderr, "cscope: cannot open pipe to sort command\n");
 	    cannotindex();
--- cscope-15.6/src/command.c.orig	2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/command.c	2006-10-04 21:53:09.161323750 +0200
@@ -739,7 +739,7 @@
 				
 		/* make sure it can be changed */
 		if (access(newfile, WRITE) != 0) {
-		    sprintf(msg, "Cannot write to file %s", newfile);
+		    snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile);
 		    postmsg(msg);
 		    anymarked = NO;
 		    break;
--- cscope-15.6/src/dir.c.orig	2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/dir.c	2006-10-04 21:54:32.314520500 +0200
@@ -139,7 +139,7 @@
 			
 	    /* compute its path from higher view path source dirs */
 	    for (i = 1; i < nvpsrcdirs; ++i) {
-		sprintf(path, "%.*s/%s",
+		snprintf(path, sizeof(path), "%.*s/%s",
 			PATHLEN - 2 - dir_len,
 			srcdirs[i], dir);
 		addsrcdir(path);
@@ -207,7 +207,7 @@
 			
 	    /* compute its path from higher view path source dirs */
 	    for (i = 1; i < nvpsrcdirs; ++i) {
-		sprintf(path, "%.*s/%s", 
+		snprintf(path, sizeof(path), "%.*s/%s", 
 			PATHLEN - 2 - dir_len,
 			srcdirs[i], dir);
 		addincdir(dir, path);
@@ -482,8 +482,6 @@
 	DIR	*dirfile;
 	int adir_len = strlen(adir);
 
-	/* FIXME: no guards against adir_len > PATHLEN, yet */
-
 	if ((dirfile = opendir(adir)) != NULL) {
 		struct dirent *entry;
 		char	path[PATHLEN + 1];
@@ -494,7 +492,7 @@
 			    && (strcmp("..",entry->d_name) != 0)) {
 				struct stat buf;
 
-				sprintf(path,"%s/%.*s", adir,
+				snprintf(path, sizeof(path), "%s/%.*s", adir,
 					PATHLEN - 2 - adir_len,
 					entry->d_name);
 
@@ -604,14 +602,14 @@
 	/* search for the file in the #include directory list */
 	for (i = 0; i < nincdirs; ++i) {
 	    /* don't include the file from two directories */
-	    sprintf(name, "%.*s/%s",
+	    snprintf(name, sizeof(name), "%.*s/%s",
 		    PATHLEN - 2 - file_len, incnames[i],
 		    file);
 	    if (infilelist(name) == YES) {
 		break;
 	    }
 	    /* make sure it exists and is readable */
-	    sprintf(path, "%.*s/%s",
+	    snprintf(path, sizeof(path), "%.*s/%s",
 		    PATHLEN - 2 - file_len, incdirs[i],
 		    file);
 	    if (access(compath(path), READ) == 0) {
@@ -659,7 +657,7 @@
 
 	/* compute its path from higher view path source dirs */
 	for (i = 1; i < nvpsrcdirs; ++i) {
-	    sprintf(path, "%.*s/%s",
+	    snprintf(path, sizeof(path), "%.*s/%s",
 		    PATHLEN - 2 - file_len, srcdirs[i],
 		    file);
 	    if (access(compath(path), READ) == 0) {
--- cscope-15.5+cvs20050816/src/display.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/display.c	2006-05-15 13:48:08.000000000 +0100
@@ -481,20 +481,20 @@
 	/* see if it is empty */
 	if ((c = getc(refsfound)) == EOF) {
 		if (findresult != NULL) {
-			(void) sprintf(lastmsg, "Egrep %s in this pattern: %s", 
+			(void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s", 
 				       findresult, Pattern);
 		} else if (rc == NOTSYMBOL) {
-			(void) sprintf(lastmsg, "This is not a C symbol: %s", 
+			(void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s", 
 				       Pattern);
 		} else if (rc == REGCMPERROR) {
-			(void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s", 
+			(void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s", 
 				       Pattern);
 			
 		} else if (funcexist == NO) {
-			(void) sprintf(lastmsg, "Function definition does not exist: %s", 
+			(void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s", 
 				       Pattern);
 		} else {
-			(void) sprintf(lastmsg, "Could not find the %s: %s", 
+			(void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s", 
 				       fields[field].text2, Pattern);
 		}
 		return(NO);
@@ -530,17 +530,17 @@
 			move(MSGLINE, 0);
 			clrtoeol();
 			addstr(what);
-			sprintf(msg, "%ld", current);
+			snprintf(msg, sizeof(msg), "%ld", current);
 			move(MSGLINE, (COLS / 2) - (strlen(msg) / 2));
 			addstr(msg);
-			sprintf(msg, "%ld", max);
+			snprintf(msg, sizeof(msg), "%ld", max);
 			move(MSGLINE, COLS - strlen(msg));
 			addstr(msg);
 			refresh();
 		}
 		else if (verbosemode == YES)
 		{
-			sprintf(msg, "> %s %ld of %ld", what, current, max);
+			snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max);
 		}
 
 		start = now;
@@ -578,7 +578,7 @@
 		s = sys_errlist[errno];
 	}
 #endif
-	(void) sprintf(msg, "%s: %s", text, s);
+	(void) snprintf(msg, sizeof(msg), "%s: %s", text, s);
 	postmsg(msg);
 }
 
--- cscope-15.5+cvs20050816/src/edit.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/edit.c	2006-05-15 13:50:49.000000000 +0100
@@ -105,9 +105,9 @@
 	char	*s;
 
 	file = filepath(file);
-	(void) sprintf(msg, "%s +%s %s", mybasename(editor), linenum, file);
+	(void) snprintf(msg, sizeof(msg), "%s +%s %s", mybasename(editor), linenum, file);
 	postmsg(msg);
-	(void) sprintf(plusnum, lineflag, linenum);
+	(void) snprintf(plusnum, sizeof(plusnum), lineflag, linenum);
 	/* if this is the more or page commands */
 	if (strcmp(s = mybasename(editor), "more") == 0 || strcmp(s, "page") == 0) {
 		
@@ -132,7 +132,7 @@
 	static	char	path[PATHLEN + 1];
 	
 	if (prependpath != NULL && *file != '/') {
-		(void) sprintf(path, "%s/%s", prependpath, file);
+		(void) snprintf(path, sizeof(path), "%s/%s", prependpath, file);
 		file = path;
 	}
 	return(file);
--- cscope-15.6/src/exec.c.orig	2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/exec.c	2006-10-04 21:54:47.559473250 +0200
@@ -123,7 +123,7 @@
 
     /* execute the program or shell script */
     execvp(a, args);	/* returns only on failure */
-    sprintf(msg, "\nCannot exec %s", a);
+    snprintf(msg, sizeof(msg), "\nCannot exec %s", a);
     perror(msg);		/* display the reason */
     askforreturn();		/* wait until the user sees the message */
     myexit(1);		/* exit the child */
--- cscope-15.5+cvs20050816/src/find.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/find.c	2006-05-15 13:51:08.000000000 +0100
@@ -666,7 +666,7 @@
 		/* must be an exact match */
 		/* note: regcomp doesn't recognize ^*keypad$ as a syntax error
 		         unless it is given as a single arg */
-		(void) sprintf(buf, "^%s$", s);
+		(void) snprintf(buf, sizeof(buf), "^%s$", s);
 		if (regcomp (&regexp, buf, REG_EXTENDED | REG_NOSUB) != 0) {
 			return(REGCMPERROR);
 		}
--- cscope-15.6/src/main.c.orig	2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/main.c	2006-10-04 21:56:49.327083250 +0200
@@ -359,7 +359,7 @@
     /* create the temporary file names */
     orig_umask = umask(S_IRWXG|S_IRWXO);
     pid = getpid();
-    sprintf(tempdirpv, "%s/cscope.%d", tmpdir, pid);
+    snprintf(tempdirpv, sizeof(tempdirpv), "%s/cscope.%d", tmpdir, pid);
     if(mkdir(tempdirpv,S_IRWXU)) {
 	fprintf(stderr, "\
 cscope: Could not create private temp dir %s\n",
@@ -368,8 +368,8 @@
     }
     umask(orig_umask);
 
-    sprintf(temp1, "%s/cscope.1", tempdirpv);
-    sprintf(temp2, "%s/cscope.2", tempdirpv);
+    snprintf(temp1, sizeof(temp1), "%s/cscope.1", tempdirpv);
+    snprintf(temp2, sizeof(temp2), "%s/cscope.2", tempdirpv);
 
     /* if running in the foreground */
     if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
@@ -389,12 +389,12 @@
 	 * used instead of failing to open a non-existant database in
 	 * the home directory
 	 */
-	sprintf(path, "%s/%s", home, reffile);
+	snprintf(path, sizeof(path), "%s/%s", home, reffile);
 	if (isuptodate == NO || access(path, READ) == 0) {
 	    reffile = my_strdup(path);
-	    sprintf(path, "%s/%s", home, invname);
+	    snprintf(path, sizeof(path), "%s/%s", home, invname);
 	    invname = my_strdup(path);
-	    sprintf(path, "%s/%s", home, invpost);
+	    snprintf(path, sizeof(path), "%s/%s", home, invpost);
 	    invpost = my_strdup(path);
 	}
     }
--- cscope-15.5+cvs20050816/src/vpaccess.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/vpaccess.c	2006-05-15 13:52:42.000000000 +0100
@@ -49,7 +49,7 @@
 	if ((returncode = access(path, amode)) == -1 && path[0] != '/') {
 		vpinit(NULL);
 		for (i = 1; i < vpndirs; i++) {
-			(void) sprintf(buf, "%s/%s", vpdirs[i], path);
+			(void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
 			if ((returncode = access(buf, amode)) != -1) {
 				break;
 			}
--- cscope-15.5+cvs20050816/src/vpfopen.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/vpfopen.c	2006-05-15 13:52:51.000000000 +0100
@@ -53,7 +53,7 @@
 		) {
 		vpinit(NULL);
 		for (i = 1; i < vpndirs; i++) {
-			(void) sprintf(buf, "%s/%s", vpdirs[i], filename);
+			(void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], filename);
 			if ((returncode = myfopen(buf, type)) != NULL) {
 				break;
 			}
--- cscope-15.5+cvs20050816/src/vpopen.c.orig	2006-05-15 13:43:42.000000000 +0100
+++ cscope-15.5+cvs20050816/src/vpopen.c	2006-05-15 13:52:57.000000000 +0100
@@ -52,7 +52,7 @@
 	    oflag == OPENFLAG_READ) {
 		vpinit(NULL);
 		for (i = 1; i < vpndirs; i++) {
-			(void) sprintf(buf, "%s/%s", vpdirs[i], path);
+			(void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
 			if ((returncode = myopen(buf, oflag, 0666)) != -1) {
 				break;
 			}
Commit	Line	Data
fe64d58b JB	1	--- cscope-15.6/src/build.c.orig 2006-09-30 10:13:00.000000000 +0200
	2	+++ cscope-15.6/src/build.c 2006-10-04 21:52:50.552160750 +0200
	3	@@ -223,7 +223,7 @@
	4	if (strcmp(currentdir, home) == 0) {
	5	strcpy(newdir, "$HOME");
	6	} else if (strncmp(currentdir, home, strlen(home)) == 0) {
	7	- sprintf(newdir, "$HOME%s", currentdir + strlen(home));
	8	+ snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
	9	}
	10	/* sort the source file names (needed for rebuilding) */
	11	qsort(srcfiles, nsrcfiles, sizeof(char *), compare);
	12	@@ -454,7 +454,7 @@
	13	}
	14	fstat(fileno(postings), &statstruct);
	15	fclose(postings);
	16	- sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
	17	+ snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
	18	if ((postings = mypopen(sortcommand, "r")) == NULL) {
	19	fprintf(stderr, "cscope: cannot open pipe to sort command\n");
	20	cannotindex();
	21	--- cscope-15.6/src/command.c.orig 2006-09-30 10:13:00.000000000 +0200
	22	+++ cscope-15.6/src/command.c 2006-10-04 21:53:09.161323750 +0200
	23	@@ -739,7 +739,7 @@
	24
	25	/* make sure it can be changed */
	26	if (access(newfile, WRITE) != 0) {
	27	- sprintf(msg, "Cannot write to file %s", newfile);
	28	+ snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile);
	29	postmsg(msg);
	30	anymarked = NO;
	31	break;
	32	--- cscope-15.6/src/dir.c.orig 2006-09-30 10:13:00.000000000 +0200
	33	+++ cscope-15.6/src/dir.c 2006-10-04 21:54:32.314520500 +0200
	34	@@ -139,7 +139,7 @@
	35
	36	/* compute its path from higher view path source dirs */
	37	for (i = 1; i < nvpsrcdirs; ++i) {
	38	- sprintf(path, "%.*s/%s",
	39	+ snprintf(path, sizeof(path), "%.*s/%s",
	40	PATHLEN - 2 - dir_len,
	41	srcdirs[i], dir);
	42	addsrcdir(path);
	43	@@ -207,7 +207,7 @@
	44
	45	/* compute its path from higher view path source dirs */
	46	for (i = 1; i < nvpsrcdirs; ++i) {
	47	- sprintf(path, "%.*s/%s",
	48	+ snprintf(path, sizeof(path), "%.*s/%s",
	49	PATHLEN - 2 - dir_len,
	50	srcdirs[i], dir);
	51	addincdir(dir, path);
	52	@@ -482,8 +482,6 @@
	53	DIR *dirfile;
	54	int adir_len = strlen(adir);
	55
	56	- /* FIXME: no guards against adir_len > PATHLEN, yet */
	57	-
	58	if ((dirfile = opendir(adir)) != NULL) {
	59	struct dirent *entry;
	60	char path[PATHLEN + 1];
	61	@@ -494,7 +492,7 @@
	62	&& (strcmp("..",entry->d_name) != 0)) {
	63	struct stat buf;
	64
65	- sprintf(path,"%s/%.*s", adir,
66	+ snprintf(path, sizeof(path), "%s/%.*s", adir,
67	PATHLEN - 2 - adir_len,
68	entry->d_name);
69
70	@@ -604,14 +602,14 @@
71	/* search for the file in the #include directory list */
72	for (i = 0; i < nincdirs; ++i) {
73	/* don't include the file from two directories */
74	- sprintf(name, "%.*s/%s",
75	+ snprintf(name, sizeof(name), "%.*s/%s",
76	PATHLEN - 2 - file_len, incnames[i],
77	file);
78	if (infilelist(name) == YES) {
79	break;
80	}
81	/* make sure it exists and is readable */
82	- sprintf(path, "%.*s/%s",
83	+ snprintf(path, sizeof(path), "%.*s/%s",
84	PATHLEN - 2 - file_len, incdirs[i],
85	file);
86	if (access(compath(path), READ) == 0) {
87	@@ -659,7 +657,7 @@
88
89	/* compute its path from higher view path source dirs */
90	for (i = 1; i < nvpsrcdirs; ++i) {
91	- sprintf(path, "%.*s/%s",
92	+ snprintf(path, sizeof(path), "%.*s/%s",
93	PATHLEN - 2 - file_len, srcdirs[i],
94	file);
95	if (access(compath(path), READ) == 0) {
96	--- cscope-15.5+cvs20050816/src/display.c.orig 2006-05-15 13:43:42.000000000 +0100
97	+++ cscope-15.5+cvs20050816/src/display.c 2006-05-15 13:48:08.000000000 +0100
98	@@ -481,20 +481,20 @@
99	/* see if it is empty */
100	if ((c = getc(refsfound)) == EOF) {
101	if (findresult != NULL) {
102	- (void) sprintf(lastmsg, "Egrep %s in this pattern: %s",
103	+ (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s",
104	findresult, Pattern);
105	} else if (rc == NOTSYMBOL) {
106	- (void) sprintf(lastmsg, "This is not a C symbol: %s",
107	+ (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s",
108	Pattern);
109	} else if (rc == REGCMPERROR) {
110	- (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s",
111	+ (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s",
112	Pattern);
113
114	} else if (funcexist == NO) {
115	- (void) sprintf(lastmsg, "Function definition does not exist: %s",
116	+ (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s",
117	Pattern);
118	} else {
119	- (void) sprintf(lastmsg, "Could not find the %s: %s",
120	+ (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s",
121	fields[field].text2, Pattern);
122	}
123	return(NO);
124	@@ -530,17 +530,17 @@
125	move(MSGLINE, 0);
126	clrtoeol();
127	addstr(what);
128	- sprintf(msg, "%ld", current);
129	+ snprintf(msg, sizeof(msg), "%ld", current);
130	move(MSGLINE, (COLS / 2) - (strlen(msg) / 2));
131	addstr(msg);
132	- sprintf(msg, "%ld", max);
133	+ snprintf(msg, sizeof(msg), "%ld", max);
134	move(MSGLINE, COLS - strlen(msg));
135	addstr(msg);
136	refresh();
137	}
138	else if (verbosemode == YES)
139	{
140	- sprintf(msg, "> %s %ld of %ld", what, current, max);
141	+ snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max);
142	}
143
144	start = now;
145	@@ -578,7 +578,7 @@
146	s = sys_errlist[errno];
147	}
148	#endif
149	- (void) sprintf(msg, "%s: %s", text, s);
150	+ (void) snprintf(msg, sizeof(msg), "%s: %s", text, s);
151	postmsg(msg);
152	}
153
154	--- cscope-15.5+cvs20050816/src/edit.c.orig 2006-05-15 13:43:42.000000000 +0100
155	+++ cscope-15.5+cvs20050816/src/edit.c 2006-05-15 13:50:49.000000000 +0100
156	@@ -105,9 +105,9 @@
157	char *s;
158
159	file = filepath(file);
160	- (void) sprintf(msg, "%s +%s %s", mybasename(editor), linenum, file);
161	+ (void) snprintf(msg, sizeof(msg), "%s +%s %s", mybasename(editor), linenum, file);
162	postmsg(msg);
163	- (void) sprintf(plusnum, lineflag, linenum);
164	+ (void) snprintf(plusnum, sizeof(plusnum), lineflag, linenum);
165	/* if this is the more or page commands */
166	if (strcmp(s = mybasename(editor), "more") == 0 \|\| strcmp(s, "page") == 0) {
167
168	@@ -132,7 +132,7 @@
169	static char path[PATHLEN + 1];
170
171	if (prependpath != NULL && *file != '/') {
172	- (void) sprintf(path, "%s/%s", prependpath, file);
173	+ (void) snprintf(path, sizeof(path), "%s/%s", prependpath, file);
174	file = path;
175	}
176	return(file);
177	--- cscope-15.6/src/exec.c.orig 2006-09-30 10:13:00.000000000 +0200
178	+++ cscope-15.6/src/exec.c 2006-10-04 21:54:47.559473250 +0200
179	@@ -123,7 +123,7 @@
180
181	/* execute the program or shell script */
182	execvp(a, args); /* returns only on failure */
183	- sprintf(msg, "\nCannot exec %s", a);
184	+ snprintf(msg, sizeof(msg), "\nCannot exec %s", a);
185	perror(msg); /* display the reason */
186	askforreturn(); /* wait until the user sees the message */
187	myexit(1); /* exit the child */
188	--- cscope-15.5+cvs20050816/src/find.c.orig 2006-05-15 13:43:42.000000000 +0100
189	+++ cscope-15.5+cvs20050816/src/find.c 2006-05-15 13:51:08.000000000 +0100
190	@@ -666,7 +666,7 @@
191	/* must be an exact match */
192	/* note: regcomp doesn't recognize ^*keypad$ as a syntax error
193	unless it is given as a single arg */
194	- (void) sprintf(buf, "^%s$", s);
195	+ (void) snprintf(buf, sizeof(buf), "^%s$", s);
196	if (regcomp (&regexp, buf, REG_EXTENDED \| REG_NOSUB) != 0) {
197	return(REGCMPERROR);
198	}
199	--- cscope-15.6/src/main.c.orig 2006-09-30 10:13:00.000000000 +0200
200	+++ cscope-15.6/src/main.c 2006-10-04 21:56:49.327083250 +0200
201	@@ -359,7 +359,7 @@
202	/* create the temporary file names */
203	orig_umask = umask(S_IRWXG\|S_IRWXO);
204	pid = getpid();
205	- sprintf(tempdirpv, "%s/cscope.%d", tmpdir, pid);
206	+ snprintf(tempdirpv, sizeof(tempdirpv), "%s/cscope.%d", tmpdir, pid);
207	if(mkdir(tempdirpv,S_IRWXU)) {
208	fprintf(stderr, "\
209	cscope: Could not create private temp dir %s\n",
210	@@ -368,8 +368,8 @@
211	}
212	umask(orig_umask);
213
214	- sprintf(temp1, "%s/cscope.1", tempdirpv);
215	- sprintf(temp2, "%s/cscope.2", tempdirpv);
216	+ snprintf(temp1, sizeof(temp1), "%s/cscope.1", tempdirpv);
217	+ snprintf(temp2, sizeof(temp2), "%s/cscope.2", tempdirpv);
218
219	/* if running in the foreground */
220	if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
221	@@ -389,12 +389,12 @@
222	* used instead of failing to open a non-existant database in
223	* the home directory
224	*/
225	- sprintf(path, "%s/%s", home, reffile);
226	+ snprintf(path, sizeof(path), "%s/%s", home, reffile);
227	if (isuptodate == NO \|\| access(path, READ) == 0) {
228	reffile = my_strdup(path);
229	- sprintf(path, "%s/%s", home, invname);
230	+ snprintf(path, sizeof(path), "%s/%s", home, invname);
231	invname = my_strdup(path);
232	- sprintf(path, "%s/%s", home, invpost);
233	+ snprintf(path, sizeof(path), "%s/%s", home, invpost);
234	invpost = my_strdup(path);
235	}
236	}
237	--- cscope-15.5+cvs20050816/src/vpaccess.c.orig 2006-05-15 13:43:42.000000000 +0100
238	+++ cscope-15.5+cvs20050816/src/vpaccess.c 2006-05-15 13:52:42.000000000 +0100
239	@@ -49,7 +49,7 @@
240	if ((returncode = access(path, amode)) == -1 && path[0] != '/') {
241	vpinit(NULL);
242	for (i = 1; i < vpndirs; i++) {
243	- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
244	+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
245	if ((returncode = access(buf, amode)) != -1) {
246	break;
247	}
248	--- cscope-15.5+cvs20050816/src/vpfopen.c.orig 2006-05-15 13:43:42.000000000 +0100
249	+++ cscope-15.5+cvs20050816/src/vpfopen.c 2006-05-15 13:52:51.000000000 +0100
250	@@ -53,7 +53,7 @@
251	) {
252	vpinit(NULL);
253	for (i = 1; i < vpndirs; i++) {
254	- (void) sprintf(buf, "%s/%s", vpdirs[i], filename);
255	+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], filename);
256	if ((returncode = myfopen(buf, type)) != NULL) {
257	break;
258	}
259	--- cscope-15.5+cvs20050816/src/vpopen.c.orig 2006-05-15 13:43:42.000000000 +0100
260	+++ cscope-15.5+cvs20050816/src/vpopen.c 2006-05-15 13:52:57.000000000 +0100
261	@@ -52,7 +52,7 @@
262	oflag == OPENFLAG_READ) {
263	vpinit(NULL);
264	for (i = 1; i < vpndirs; i++) {
265	- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
266	+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
267	if ((returncode = myopen(buf, oflag, 0666)) != -1) {
268	break;
269	}