- allow overriding PAGER with $METAMAIL_PAGER (based on -csh patch)

[packages/metamail.git] / metamail-security.patch

diff -dur mm2.7.orig/src/metamail/metamail.c mm2.7/src/metamail/metamail.c
--- mm2.7.orig/src/metamail/metamail.c  2004-02-19 09:15:46.000000000 +0100
+++ mm2.7/src/metamail/metamail.c       2004-02-19 09:16:13.890664901 +0100
@@ -1207,9 +1207,9 @@
     fprintf(outfp, "Content-type: %s", ContentType);
     for (j=0; j<CParamsUsed; ++j) {
         fprintf(outfp, " ; ");
-        fprintf(outfp, CParams[j]);
+        fprintf(outfp, "%s", CParams[j]);
         fprintf(outfp, " = ");
-        fprintf(outfp, CParamValues[j]);
+        fprintf(outfp, "%s", CParamValues[j]);
     }
     fprintf(outfp, "\n\n"); 
     TranslateInputToOutput(InputFP, outfp, EncodingCode, ContentType);
@@ -2032,7 +2032,8 @@
     if (lc2strcmp(charset, PrevCharset)) {
         char *s2, *charsetinuse;
 
-        strcpy(PrevCharset, charset);
+        strncpy(PrevCharset, charset, sizeof(PrevCharset));
+        PrevCharset[sizeof(PrevCharset) - 1] = '\0';
         for (s2=PrevCharset; *s2; ++s2) {
             if (isupper((unsigned char) *s2)) *s2 = tolower((unsigned char) *s2);
         }
@@ -2042,7 +2043,7 @@
         }
     }
     if (ecode == ENCODING_NONE) {
-        printf(txt+1);
+        printf("%s", txt+1);
     } else {
         /* What follows is REALLY bogus, but all my encoding stuff is pipe-oriented right now... */
         MkTmpFileName(TmpFile);
diff -dur mm2.7.orig/src/metamail/splitmail.c mm2.7/src/metamail/splitmail.c
--- mm2.7.orig/src/metamail/splitmail.c 2004-02-19 09:15:45.000000000 +0100
+++ mm2.7/src/metamail/splitmail.c      2004-02-19 09:16:13.892664767 +0100
@@ -367,7 +367,8 @@
     }
     if (!ULstrcmp(s, "subject")) {
         *colon = ':';
-        strcpy(SubjectBuf, ++colon);
+        strncpy(SubjectBuf, ++colon, sizeof(SubjectBuf));
+        SubjectBuf[sizeof(SubjectBuf) - 1] = '\0';
         return(0);
     }
     if (!ULstrcmp(s, "content-type")) {