diff --git a/nano.c b/nano.c
index d5aba3241790dbd3723ea72a7a775e781f3bd623..a49cc4541b017167725c6a8b61f3b7ca36c16b91 100644
--- a/nano.c
+++ b/nano.c
@@ -1039,7 +1039,7 @@ void exit_spell(char *tmpfilename, char *foo)
 int do_oldspell(void)
 {
     char *temp, *foo;
-    int i;
+    int i, size;
 
     if ((temp = tempnam(0, "nano.")) == NULL) {
 	statusbar(_("Could not create a temporary filename: %s"),
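Review bot: The `tempnam(0, "nano.")` call in do_oldspell only returns a name, so there is a window between choosing the name and creating the file in which another local user could create that path first. This commit bounds the formatting calls but leaves that untouched. How the file is then opened is outside the hunk, so this needs confirming, but `mkstemp()` on a template would create and open the file atomically with restrictive permissions. The same call appears in do_spell in the third hunk; both function bodies continue outside their hunks.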
@@ -1050,14 +1050,16 @@ int do_oldspell(void)
 	return 0;
 
     if (alt_speller) {
-	foo = nmalloc(strlen(temp) + strlen(alt_speller) + 2);
-	sprintf(foo, "%s %s", alt_speller, temp);
+	size = strlen(temp) + strlen(alt_speller) + 2;
+	foo = nmalloc(size);
+	snprintf(foo, size, "%s %s", alt_speller, temp);
     } else {
 
 	/* For now, we only try ispell because we're not capable of
 	   handling the normal spell program (yet...) */
-	foo = nmalloc(strlen(temp) + 8);
-	sprintf(foo, "ispell %s", temp);
+	size = strlen(temp) + 8;
+	foo = nmalloc(size);
+	snprintf(foo, size, "ispell %s", temp);
     }
 
     endwin();
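Review bot: `size` is declared `int` but receives a sum of `strlen()` results and is then passed as the `size_t` bound of `snprintf()`; declaring it `size_t size;` avoids the signed/unsigned conversions in both directions. The literal `8` in the else branch is the length of "ispell " plus the terminator, so `size = strlen(temp) + sizeof("ispell ");` would keep the bound tied to the format text. Because the buffer is sized exactly for the output, `snprintf` cannot truncate here and the change is purely defensive. `foo` looks like a command line built from `alt_speller` without quoting; how it is executed is outside the hunk, so that is worth checking separately. The same points apply to the identical code in do_spell in the fourth hunk.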
@@ -1089,7 +1091,7 @@ int do_oldspell(void)
 int do_spell(void)
 {
     char *temp, *foo;
-    int i;
+    int i, size;
 
     if ((temp = tempnam(0, "nano.")) == NULL) {
 	statusbar(_("Could not create a temporary filename: %s"),
@@ -1100,14 +1102,16 @@ int do_spell(void)
 	return 0;
 
     if (alt_speller) {
-	foo = nmalloc(strlen(temp) + strlen(alt_speller) + 2);
-	sprintf(foo, "%s %s", alt_speller, temp);
+	size = strlen(temp) + strlen(alt_speller) + 2;
+	foo = nmalloc(size);
+	snprintf(foo, size, "%s %s", alt_speller, temp);
     } else {
 
 	/* For now, we only try ispell because we're not capable of
 	   handling the normal spell program (yet...) */
-	foo = nmalloc(strlen(temp) + 8);
-	sprintf(foo, "ispell %s", temp);
+	size = strlen(temp) + 8;
+	foo = nmalloc(size);
+	snprintf(foo, size, "ispell %s", temp);
     }
 
     endwin();
@@ -1533,22 +1537,22 @@ void help_init(void)
 
     /* Now add our shortcut info */
     for (i = 0; i < MAIN_LIST_LEN; i++) {
-	sofar = sprintf(buf, "^%c	", main_list[i].val + 64);
+	sofar = snprintf(buf, BUFSIZ, "^%c	", main_list[i].val + 64);
 
 	if (main_list[i].misc1 > KEY_F0 && main_list[i].misc1 <= KEY_F(64))
-	    sofar += sprintf(&buf[sofar], "(F%d)	",
+	    sofar += snprintf(&buf[sofar], BUFSIZ - sofar, "(F%d)	",
 			     main_list[i].misc1 - KEY_F0);
 	else
-	    sofar += sprintf(&buf[sofar], "	");
+	    sofar += snprintf(&buf[sofar], BUFSIZ - sofar, "	");
 
 	if (main_list[i].altval > 0)
-	    sofar += sprintf(&buf[sofar], "(@%c)	",
+	    sofar += snprintf(&buf[sofar], BUFSIZ - sofar, "(@%c)	",
 			     main_list[i].altval - 32);
 	else
-	    sofar += sprintf(&buf[sofar], "	");
+	    sofar += snprintf(&buf[sofar], BUFSIZ - sofar, "	");
 
 	if (main_list[i].help != NULL)
-	    sprintf(&buf[sofar], "%s\n", main_list[i].help);
+	    snprintf(&buf[sofar], BUFSIZ - sofar, "%s\n", main_list[i].help);
 
 	strcat(help_text, buf);
     }
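Review bot: `sofar += snprintf(...)` adds the length that would have been written, not the length actually stored, so after a truncation `sofar` can pass the end of `buf`, and `BUFSIZ - sofar` then goes negative and converts to a very large `size_t` in the next call. With these short formats that is unlikely, but the bound is only as sound as that arithmetic; clamp after each accumulation, e.g. `if (sofar < 0 || sofar >= BUFSIZ) sofar = BUFSIZ - 1;`. The declaration of `buf` is outside the hunk, so confirm that BUFSIZ is its real size, and prefer `sizeof(buf)` if it is an array. The `strcat(help_text, buf)` at the end of the loop is still unbounded and depends on how `help_text` was sized outside the hunk.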
diff --git a/search.c b/search.c
index c363080203bf78b0a040f94933a373d435f5a8b1..48d21da552da3c0046a570205353c581a6b827dc 100644
--- a/search.c
+++ b/search.c
@@ -41,10 +41,10 @@
 int search_init(int replacing)
 {
     int i;
-    char buf[135];
+    char buf[BUFSIZ];
 
     if (last_search[0]) {
-	sprintf(buf, " [%s]", last_search);
+	snprintf(buf, BUFSIZ, " [%s]", last_search);
     } else {
 	buf[0] = '\0';
     }
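Review bot: The bound passed to `snprintf` in search_init repeats the array size by name; `snprintf(buf, sizeof(buf), " [%s]", last_search);` stays correct if the declaration changes again. The return value is ignored, so a `last_search` longer than the buffer is silently cut and loses its closing bracket; whether that matters depends on how `buf` is used later in the function, which is outside the hunk. BUFSIZ is a stdio tuning constant whose value varies by platform, so a named constant tied to the maximum search-string length would document the intent better.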
diff --git a/winio.c b/winio.c
index 4bd23a2b1c3f17b2f3ea72176c907f8bcb50e63e..274f20b32aa595efa7c7ed7fefd862f8301c45ca 100644
--- a/winio.c
+++ b/winio.c
@@ -490,7 +490,7 @@ void bottombars(shortcut s[], int slen)
     clear_bottomwin();
     wmove(bottomwin, 1, 0);
     for (i = 0; i <= slen - 1; i += 2) {
-	sprintf(keystr, "^%c", s[i].val + 64);
+	snprintf(keystr, 10, "^%c", s[i].val + 64);
 	onekey(keystr, s[i].desc);
 
 	for (j = 0; j < k; j++)
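Review bot: The bound `10` in `snprintf(keystr, 10, ...)` is a magic number that is only correct if `keystr` really holds at least 10 bytes, and its declaration is outside the hunk. If `keystr` is a local array, `snprintf(keystr, sizeof(keystr), "^%c", s[i].val + 64);` removes the dependency; otherwise a shared named constant should be used for both the declaration and the call. The same applies to the second loop in the next hunk.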
@@ -499,7 +499,7 @@ void bottombars(shortcut s[], int slen)
 
     wmove(bottomwin, 2, 0);
     for (i = 1; i <= slen - 1; i += 2) {
-	sprintf(keystr, "^%c", s[i].val + 64);
+	snprintf(keystr, 10, "^%c", s[i].val + 64);
 	onekey(keystr, s[i].desc);
 
 	for (j = 0; j < k; j++)