The attached patches wipe two uses of strcpy from the main library
(libintl).

There is one instance left, but it's harder to wipe out...
$OpenBSD$
--- gettext-runtime/intl/log.c.orig     Wed Nov  2 21:44:38 2005
+++ gettext-runtime/intl/log.c  Wed Nov  2 21:45:26 2005
@@ -56,6 +56,7 @@ _nl_log_untranslated (const char *logfil
   static char *last_logfilename = NULL;
   static FILE *last_logfile = NULL;
   FILE *logfile;
+  size_t len;
 
   /* Can we reuse the last opened logfile?  */
   if (last_logfilename == NULL || strcmp (logfilename, last_logfilename) != 0)
@@ -72,10 +73,11 @@ _nl_log_untranslated (const char *logfil
          last_logfilename = NULL;
        }
       /* Open the logfile.  */
-      last_logfilename = (char *) malloc (strlen (logfilename) + 1);
+      len = strlen (logfilename) + 1;
+      last_logfilename = (char *) malloc (len);
       if (last_logfilename == NULL)
        return;
-      strcpy (last_logfilename, logfilename);
+      strlcpy (last_logfilename, logfilename, len);
       last_logfile = fopen (logfilename, "a");
       if (last_logfile == NULL)
        return;
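Review bot: The bound passed to `strlcpy` is `len`, which is computed from `strlen (logfilename) + 1` two lines earlier, so it can never truncate and the call behaves exactly like the `strcpy` it replaces; no new check is added. Since the length is already known, `memcpy (last_logfilename, logfilename, len);` copies the string and its terminator without a second scan and without depending on `strlcpy`, which not every libc provides if this is ever meant to go upstream. `len` is used only inside this `if` block, so it could be declared there instead of at function scope as the first hunk does. The body of `_nl_log_untranslated` starts and ends outside the hunk.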
$OpenBSD$
--- gettext-runtime/intl/relocatable.c.orig     Wed Nov  2 21:45:39 2005
+++ gettext-runtime/intl/relocatable.c  Wed Nov  2 21:48:14 2005
@@ -429,15 +429,19 @@ relocate (const char *pathname)
        {
          /* pathname starts with orig_prefix.  */
          const char *pathname_tail = &pathname[orig_prefix_len];
-         char *result =
-           (char *) xmalloc (curr_prefix_len + strlen (pathname_tail) + 1);
+         size_t len;
+         char *result;
+         
+         len = curr_prefix_len + strlen (pathname_tail) + 1;
+         result = (char *) xmalloc (len);
 
 #ifdef NO_XMALLOC
          if (result != NULL)
 #endif
            {
              memcpy (result, curr_prefix, curr_prefix_len);
-             strcpy (result + curr_prefix_len, pathname_tail);
+             result[curr_prefix_len] = '\0';
+             strlcat (result, pathname_tail, len);
              return result;
            }
        }
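Review bot: The `strlcat` call ignores its return value and has to walk `result` from the start to find the terminator written on the line before, even though the write offset and the remaining space are both known at this point. `memcpy (result + curr_prefix_len, pathname_tail, len - curr_prefix_len);` copies the tail together with its NUL in one step and makes the `result[curr_prefix_len] = '\0';` line unnecessary. The sum `curr_prefix_len + strlen (pathname_tail) + 1` is unchecked `size_t` arithmetic; a wrap is implausible for real path names, but a one-line comment saying so would help an auditor. The added blank line after `char *result;` carries trailing whitespace, and `relocate` starts and ends outside the hunk.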
