$NetBSD: patch-ad,v 1.2 2003/09/23 08:46:46 wiz Exp $

Minor security audit

--- tcx.c.orig	Mon Dec 27 03:25:17 1993
+++ tcx.c	Tue Sep 23 09:24:12 2003
@@ -120,16 +120,16 @@
 	/* If cannot, warn user and quit */
 
 	if(strrchr(argv[1], '/') == NULL)
-		(void)sprintf(tofile, ".tcx.%s", argv[1]);
+		(void)snprintf(tofile, sizeof(tofile), ".tcx.%s", argv[1]);
 	else
 	{
-		(void)strcpy(tofile, argv[1]);
+		(void)strlcpy(tofile, argv[1], sizeof(tofile));
 		s = strrchr(tofile, '/');
 		*s = '\0';
-		(void)strcat(tofile, "/.tcx.");
+		(void)strlcat(tofile, "/.tcx.", sizeof(tofile));
 		s = strrchr(argv[1], '/');
 		s++;
-		(void)strcat(tofile, s);
+		(void)strlcat(tofile, s, sizeof(tofile));
 	}
 
 	lck.l_type = F_WRLCK; lck.l_whence = 0; lck.l_start = 0; lck.l_len = 0;
@@ -213,7 +213,7 @@
 
 	/* Spit out header and start encoding executable */
 
-	(void)sprintf(header, "#!%s\n", PATHUNTCX);
+	(void)snprintf(header, sizeof(header), "#!%s\n", PATHUNTCX);
 	if(write(outfd, header, strlen(header)) < 0) { (void)perror("write"); exit(-1); }
 
 	c = 0;	if((write(outfd, &c, 1)) < 0) { (void)perror("write"); exit(-1); }
@@ -291,7 +291,11 @@
 doencode(int infd, int outfd)
 {
 int	pid;
+#if defined(sun)
+int	status;
+#else
 union	wait	status;
+#endif
 
 	pid = fork();
 	if(pid < 0) return -1;
