$OpenBSD: patch-src_main_Renviron_c,v 1.2 2006/11/11 18:52:12 mbalmer Exp $
--- src/main/Renviron.c.orig	Mon Apr 10 00:19:51 2006
+++ src/main/Renviron.c	Tue Oct  3 20:04:28 2006
@@ -126,10 +126,12 @@ static void Putenv(char *a, char *b)
 {
     char *buf, *value, *p, *q, quote='\0';
     int inquote = 0;
+    size_t slen;
 
-    buf = (char *) malloc((strlen(a) + strlen(b) + 2) * sizeof(char));
+    slen = strlen(a) + strlen(b) + 2;    
+    buf = (char *) malloc(slen);
     if(!buf) R_Suicide("allocation failure in reading Renviron");
-    strcpy(buf, a); strcat(buf, "=");
+    strlcpy(buf, a, slen); strlcat(buf, "=", slen);
     value = buf+strlen(buf);
 
     /* now process the value */
@@ -181,7 +183,8 @@ static int process_Renviron(char *filena
 	if(!(p = Rf_strchr(s, '='))) {
 	    errs++;
 	    if(strlen(msg) < MSG_SIZE) {
-		strcat(msg, "\n      "); strcat(msg, s);
+		strlcat(msg, "\n      ", sizeof(msg));
+		strlcat(msg, s, sizeof(msg));
 	    }
 	    continue;
 	}
@@ -193,7 +196,7 @@ static int process_Renviron(char *filena
     }
     fclose(fp);
     if (errs) {
-	strcat(msg, "\n   They were ignored\n");
+	strlcat(msg, "\n   They were ignored\n", sizeof(msg));
 	R_ShowMessage(msg);
     }
     return 1;
@@ -210,10 +213,10 @@ void process_system_Renviron()
         R_ShowMessage("path to system Renviron is too long: skipping");
         return;
     }
-    strcpy(buf, R_Home);
-    strcat(buf, "/etc/");
-    strcat(buf, R_ARCH);
-    strcat(buf, "/Renviron");
+    strlcpy(buf, R_Home, sizeof(buf));
+    strlcat(buf, "/etc/", sizeof(buf));
+    strlcat(buf, R_ARCH, sizeof(buf));
+    strlcat(buf, "/Renviron", sizeof(buf));
 #else
     if(strlen(R_Home) + strlen("/etc/Renviron") > PATH_MAX - 1) {
 	R_ShowMessage("path to system Renviron is too long: skipping");
@@ -239,7 +242,7 @@ void process_site_Renviron ()
 	R_ShowMessage("path to Renviron.site is too long: skipping");
 	return;
     }
-    snprintf(buf, PATH_MAX, "%s/etc/Renviron.site", R_Home);
+    snprintf(buf, sizeof(buf), "%s/etc/Renviron.site", R_Home);
     process_Renviron(buf);
 }
 
@@ -259,7 +262,7 @@ void process_user_Renviron()
 	s = getenv("R_USER");
 	if(!s) s = getenv("HOME");
 	if(!s) return;
-	snprintf(buf, 1024, "%s/.Renviron", s);
+	snprintf(buf, sizeof(buf), "%s/.Renviron", s);
 	s = buf;
     }
 #endif
