$OpenBSD: patch-gnats_queue-pr_c,v 1.1 2011/07/08 11:32:17 jasper Exp $
--- gnats/queue-pr.c.orig	Wed Nov 25 15:15:20 1998
+++ gnats/queue-pr.c	Fri Jul  8 13:28:43 2011
@@ -78,9 +78,11 @@ fork_gnats (filename)
 
   int pid; /* pid_t */
   int status;
+  size_t len;
 
-  safe_env[0] = (char *) xmalloc (5 + strlen (gnats_user) + 1);
-  sprintf (safe_env[0], "USER=%s", gnats_user);
+  len = 5 + strlen (gnats_user) + 1;
+  safe_env[0] = (char *) xmalloc (len);
+  snprintf (safe_env[0], len, "USER=%s", gnats_user);
 
   errno = 0;
   pid = fork();
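Review bot: The buffer size for `safe_env[0]` still depends on the hand-counted literal `5` for "USER=", and the next hunk does the same with `9` for "/file-pr", so the new bounded calls are only as correct as those counts. Deriving the size from the literal keeps allocation and format in step if either string is edited: `len = sizeof ("USER=") + strlen (gnats_user);` here and `size_t len = strlen (bindir) + sizeof ("/file-pr");` in the child branch. With `len` exact, snprintf/strlcpy/strlcat cannot truncate, so leaving their return values unchecked is acceptable. fork_gnats starts and ends outside this hunk.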
@@ -91,10 +93,11 @@ fork_gnats (filename)
     {
       char *gnats_bin;
       int fd;
+      size_t len = strlen (bindir) + 9;
 
-      gnats_bin = (char *) xmalloc (strlen (bindir) + 9);
-      strcpy (gnats_bin, bindir);
-      strcat (gnats_bin, "/file-pr");
+      gnats_bin = (char *) xmalloc (len);
+      strlcpy (gnats_bin, bindir, len);
+      strlcat (gnats_bin, "/file-pr", len);
 
       if (! flag_debug)
 	{
@@ -114,14 +117,14 @@ fork_gnats (filename)
       if (flag_debug)
 	{
 	  if (execle (gnats_bin, "file-pr", "-f", filename,
-		      "-D", "-d", gnats_root, NULL, safe_env) < 0)
+		      "-D", "-d", gnats_root, (char *)NULL, safe_env) < 0)
 	    punt (1, "%s: execle of gnats failed: %s\n", program_name,
 		  strerror (errno));
 	}
       else
 	{
 	  if (execle (gnats_bin, "file-pr", "-f", filename,
-		      "-d", gnats_root, NULL, safe_env) < 0)
+		      "-d", gnats_root, (char *)NULL, safe_env) < 0)
 	    punt (1, "%s: execle of gnats failed: %s\n", program_name,
 		  strerror (errno));
 	}
@@ -204,9 +207,10 @@ run_gnats ()
 	}
       else if (child_status == 2)
 	{
-	  char *name2 = xmalloc (strlen (files[i].name) + 2);
-	  strcpy (name2, ".");
-	  strcat (name2, files[i].name);
+	  size_t len = strlen (files[i].name) + 2;
+	  char *name2 = xmalloc (len);
+	  strlcpy (name2, ".", len);
+	  strlcat (name2, files[i].name, len);
 	  rename (files[i].name, name2);
 	  punt (0, "renamed `%s' to `%s' pending human intervention.\n",
 		files[i].name, name2);
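Review bot: The result of `rename (files[i].name, name2)` is ignored, yet the following punt() reports the file as renamed regardless. If the rename fails, the unprocessable message keeps its original name while the log says it was set aside for human intervention. Checking the call and reporting the failure separately would keep the log accurate, e.g. `if (rename (files[i].name, name2) < 0)` followed by a punt (0, ...) that includes `strerror (errno)`. Whether `name2` is freed afterwards is not visible, as the enclosing loop in run_gnats extends beyond this hunk.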
@@ -226,13 +230,11 @@ drop_msg ()
 {
   int fd[2];
   char *tmpdir;
-  char *bug_file = (char *) xmalloc (PATH_MAX);
+  char bug_file[MAXPATHLEN];
   int r; /* XXX ssize_t */
   char *buf = (char *) xmalloc (MAXBSIZE);
   char *base, *new_name;
-#ifndef HAVE_MKTEMP
-  char name[L_tmpnam];
-#endif
+  size_t len;
 
   if (queue_file)
     {
@@ -247,18 +249,13 @@ drop_msg ()
   tmpdir = getenv ("TMPDIR");
   if (tmpdir == NULL)
     tmpdir = "/tmp"; /* FIXME */
-#ifdef HAVE_MKTEMP
-  sprintf (bug_file, "%s/gnatsXXXXXX", tmpdir);
-  mktemp (bug_file);
-#else
-  tmpnam (name);
-  strcpy (bug_file, name);
-#endif
+
+  snprintf (bug_file, sizeof(bug_file), "%s/gnatsXXXXXX", tmpdir);
   
-  fd[1] = open (bug_file, O_WRONLY|O_CREAT, 0664);
-  if (fd[1] < 0)
+  if ((fd[1] = mkstemp (bug_file)) < 0)
     punt (1, "%s: can't open queue file %s for writing: %s\n",
 	  program_name, bug_file, strerror (errno));
+  fchmod (fd[1], 0644);
   
   while ((r = read (fd[0], buf, MAXBSIZE)) > 0)
     if (write (fd[1], buf, r) < 0)
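Review bot: The added `fchmod (fd[1], 0644)` widens the file from mkstemp's owner-only mode while it still sits under TMPDIR and before any of the message has been written, and its return value is ignored. If the queue consumer needs the wider mode (not visible here), applying it after the write loop, just before the rename into the queue directory, and checking it would be safer: `if (fchmod (fd[1], 0644) < 0) punt (1, ...)`. Separately, the snprintf result is not compared with `sizeof(bug_file)`, so an over-long TMPDIR truncates the template and surfaces only as an mkstemp failure with a misleading path in the message. drop_msg continues outside this hunk.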
@@ -283,8 +280,9 @@ drop_msg ()
 
   errno = 0;
   base = basename (bug_file);
-  new_name = (char *) xmalloc (strlen (queue_dir) + 1 + strlen (bug_file) + 1);
-  sprintf (new_name, "%s/%s", queue_dir, base);
+  len = strlen (queue_dir) + 1 + strlen (bug_file) + 1;
+  new_name = (char *) xmalloc (len);
+  snprintf (new_name, len, "%s/%s", queue_dir, base);
   if (rename (bug_file, new_name) < 0)
     {
       if (errno != EXDEV)
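Review bot: `len` is computed from `strlen (bug_file)`, but the string formatted into `new_name` is `queue_dir`, a slash and `base`. Because `base` is the basename of `bug_file` this only over-allocates, but sizing from what is actually written keeps the two from drifting apart: `len = strlen (queue_dir) + 1 + strlen (base) + 1;`. The rename fallback for EXDEV continues outside this hunk.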
@@ -308,6 +306,7 @@ main (argc, argv)
      char **argv;
 {
   int optc;
+  size_t len;
 
   program_name = basename (argv[0]);
 
@@ -372,10 +371,9 @@ main (argc, argv)
 	       program_name);
       exit (1);
     }
-  queue_dir = (char *) xmalloc (strlen (gnats_root)
-				+ strlen ("/gnats-queue")
-				+ 1 /* null char */);
-  sprintf (queue_dir, "%s/gnats-queue", gnats_root);
+  len = strlen (gnats_root) + strlen ("/gnats-queue") + 1 /* null char */;
+  queue_dir = (char *) xmalloc (len);
+  snprintf (queue_dir, len, "%s/gnats-queue", gnats_root);
 
   if (queue_msg)
     drop_msg ();
