From c4c326cf1d0a682a7eb6f6ada85a779e03b24ff7 Mon Sep 17 00:00:00 2001
From: David Schultz
Date: Sun, 19 Sep 2004 20:34:30 +0000
Subject: [PATCH] Fix a buffer overflow by using strncpy() instead of strcpy(). Also, use strdup() instead of malloc()/strcpy(). PR: 64164
---
 usr.bin/indent/args.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/usr.bin/indent/args.c b/usr.bin/indent/args.c
index eb939606072..f139de58840 100644
--- a/usr.bin/indent/args.c
+++ b/usr.bin/indent/args.c
@@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
 #include
 #include
+#include
 #include
 #include
 #include
@@ -171,10 +172,10 @@ void
 set_profile(void)
 {
 FILE *f;
- char fname[BUFSIZ];
+ char fname[PATH_MAX];
 static char prof[] = ".indent.pro";
- sprintf(fname, "%s/%s", getenv("HOME"), prof);
+ snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), prof);
 if ((f = fopen(option_source = fname, "r")) != NULL) {
 scan_profile(f);
 (void) fclose(f);
@@ -288,10 +289,9 @@ found:
 if (*param_start == 0)
 goto need_param;
 {
- char *str = (char *) malloc(strlen(param_start) + 1);
+ char *str = strdup(param_start);
 if (str == NULL)
 err(1, NULL);
- strcpy(str, param_start);
 addkey(str, 4);
 }
 break;
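Review bot: In set_profile(), `getenv("HOME")` is still passed straight to the `%s` conversion, so an unset HOME hands snprintf() a null pointer, which is undefined behaviour; libcs that print "(null)" would make the following fopen() try a path relative to the current directory. The snprintf() result is also ignored, so an over-long HOME is silently truncated and fopen() is attempted on a path other than the intended profile. Both are covered by reading HOME once, `const char *home = getenv("HOME");`, and guarding the open with `if (home != NULL && (size_t)snprintf(fname, sizeof(fname), "%s/%s", home, prof) < sizeof(fname))` (a negative return becomes a huge size_t and fails the test). Separately, `option_source = fname` stores the address of a local array; the rest of set_profile() lies outside the hunk, so confirm option_source is reassigned before the function returns.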
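Review bot: Nothing near the `strdup(param_start)` call records who owns `str` once `addkey(str, 4)` has been called; the copy is never freed in the visible lines, presumably because addkey() keeps the pointer. A one-line comment such as `/* addkey() retains str; it is not freed here */` would document that, once confirmed against addkey(). The enclosing case starts and ends outside the hunk.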