$NetBSD: patch-ah,v 1.6 2005/04/11 18:44:54 salo Exp $

--- src/unshar.c.orig	1995-11-21 17:22:14.000000000 +0100
+++ src/unshar.c	2005-04-11 20:37:40.000000000 +0200
@@ -346,8 +346,8 @@
 {
   size_t size_read;
   FILE *file;
-  char name_buffer[NAME_BUFFER_SIZE];
-  char copy_buffer[NAME_BUFFER_SIZE];
+  char name_buffer[NAME_BUFFER_SIZE] = {'\0'};
+  char copy_buffer[NAME_BUFFER_SIZE] = {'\0'};
   int optchar;
 
   program_name = argv[0];
@@ -409,13 +409,13 @@
   if (optind < argc)
     for (; optind < argc; optind++)
       {
-	if (argv[optind][0] == '/')
-	  stpcpy (name_buffer, argv[optind]);
-	else
-	  {
-	    char *cp = stpcpy (name_buffer, current_directory);
-	    *cp++ = '/';
-	    stpcpy (cp, argv[optind]);
+	if (argv[optind][0] == '/') {
+		strncpy (name_buffer, argv[optind], sizeof(name_buffer));
+		name_buffer[sizeof(name_buffer)-1] = '\0';
+	}
+	else {
+		snprintf(name_buffer, sizeof(name_buffer),"%s/%s", current_directory, argv[optind]);
+		name_buffer[sizeof(name_buffer)-1] = '\0';
 	  }
 	if (file = fopen (name_buffer, "r"), !file)
 	  error (EXIT_FAILURE, errno, name_buffer);
@@ -424,13 +424,15 @@
       }
   else
     {
+#ifdef __MSDOS__
       sprintf (name_buffer, "/tmp/unsh.%05d", (int) getpid ());
       unlink (name_buffer);
 
       if (file = fopen (name_buffer, "w+"), !file)
 	error (EXIT_FAILURE, errno, name_buffer);
-#ifndef __MSDOS__
-      unlink (name_buffer);	/* will be deleted on fclose */
+#else
+      if (file = tmpfile(), !file)
+        error (EXIT_FAILURE, errno, "tmpfile");
 #endif
 
       while (size_read = fread (copy_buffer, 1, sizeof (copy_buffer), stdin),
