$NetBSD: patch-ae,v 1.8.2.1 2006/08/25 11:05:02 ghen Exp $

--- src/build.c.orig	2003-03-05 11:43:59.000000000 +0100
+++ src/build.c	2006-08-24 23:26:31.000000000 +0200
@@ -115,7 +115,7 @@
 	}
 	/* see if the name list is the same */
 	for (i = 0; i < count; ++i) {
-		if (fscanf(oldrefs, "%s", oldname) != 1 ||
+		if (! fgets(oldname, sizeof(oldname), oldrefs)||
 		    strnotequal(oldname, names[i])) {
 			return(NO);
 		}
@@ -215,7 +215,7 @@
 		(void) strcpy(newdir, "$HOME");
 	}
 	else if (strncmp(currentdir, home, strlen(home)) == 0) {
-		(void) sprintf(newdir, "$HOME%s", currentdir + strlen(home));
+		(void) snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
 	}
 	/* sort the source file names (needed for rebuilding) */
 	qsort(srcfiles, (unsigned) nsrcfiles, sizeof(char *), compare);
@@ -223,7 +223,7 @@
 	/* if there is an old cross-reference and its current directory matches */
 	/* or this is an unconditional build */
 	if ((oldrefs = vpfopen(reffile, "rb")) != NULL && unconditional == NO &&
-	    fscanf(oldrefs, "cscope %d %s", &fileversion, olddir) == 2 &&
+	    fscanf(oldrefs, "cscope %d %" PATHLEN_STR "s", &fileversion, olddir) == 2 &&
 	    (strcmp(olddir, currentdir) == 0 || /* remain compatible */
 	     strcmp(olddir, newdir) == 0)) {
 		/* get the cross-reference file's modification time */
@@ -292,7 +292,7 @@
 		/* see if the list of source files is the same and
 		   none have been changed up to the included files */
 		for (i = 0; i < nsrcfiles; ++i) {
-			if (fscanf(oldrefs, "%s", oldname) != 1 ||
+			if (! fgets(oldname, sizeof(oldname), oldrefs) ||
 			    strnotequal(oldname, srcfiles[i]) ||
 			    lstat(srcfiles[i], &statstruct) != 0 ||
 			    statstruct.st_mtime > reftime) {
@@ -301,7 +301,7 @@
 		}
 		/* the old cross-reference is up-to-date */
 		/* so get the list of included files */
-		while (i++ < oldnum && fscanf(oldrefs, "%s", oldname) == 1) {
+		while (i++ < oldnum && fgets(oldname, sizeof(oldname), oldrefs)) {
 			addsrcfile(oldname);
 		}
 		(void) fclose(oldrefs);
@@ -443,7 +443,7 @@
 		}
 		(void) fstat(fileno(postings), &statstruct);
 		(void) fclose(postings);
-		(void) sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
+		(void) snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
 		if ((postings = mypopen(sortcommand, "r")) == NULL) {
 			(void) fprintf(stderr, "cscope: cannot open pipe to sort command\n");
 			cannotindex();
