This time strecpy is used. In awd.c is no smprint used, because
I don't see a reason why there should be something alloced for
such a simple thing.

Notes:
Sun May 22 10:06:17 EDT 2005 rsc
    I changed awd.c to use smprint.  The reason is that fprint uses a
    small buffer internally and if you have a very long path, calling
    fprint directly will split the print into multiple writes.
    
    Thanks for your help.


Reference: /n/sources/patch/applied/schtarb-2nd
Date: Sun May 22 10:14:00 CES 2005
Reviewed-by: rsc

--- /sys/src/cmd/auth/none.c	Sun May 22 09:45:30 2005
+++ /sys/src/cmd/auth/none.c	Sun May 22 09:45:27 2005
@@ -23,12 +23,12 @@
 		sysfatal("can't build namespace");
 
 	if (argc > 1) {
-		strcpy(cmd, argv[1]);
+		strecpy(cmd, cmd + sizeof(cmd), argv[1]);
 		exec(cmd, &argv[1]);
 		if (strncmp(cmd, "/", 1) != 0
 		&& strncmp(cmd, "./", 2) != 0
 		&& strncmp(cmd, "../", 3) != 0) {
-			sprint(cmd, "/bin/%s", argv[1]);
+			snprint(cmd, sizeof(cmd), "/bin/%s", argv[1]);
 			exec(cmd, &argv[1]);
 		}
 	} else {
--- /sys/src/cmd/upas/send/filter.c	Sun May 22 09:45:48 2005
+++ /sys/src/cmd/upas/send/filter.c	Sun May 22 09:45:44 2005
@@ -14,7 +14,7 @@
 	dest *dp;
 	Reprog *p;
 	Resub match[10];
-	char file[MAXPATHLEN];
+	char file[MAXPATHLEN + 1];
 	Biobuf *fp;
 	char *rcvr, *cp;
 	Mlock *l;
@@ -48,7 +48,7 @@
 	}
 
 	dp = d_new(s_copy(argv[0]));
-	strcpy(file, argv[1]);
+	strecpy(file, file + sizeof(file), argv[1]);
 	cp = findbody(s_to_c(mp->body));
 	for(i = 2; i < argc; i += 2){
 		p = regcomp(argv[i]);
--- /sys/src/cmd/bzip2/bzip2recover.c	Sun May 22 09:46:13 2005
+++ /sys/src/cmd/bzip2/bzip2recover.c	Sun May 22 09:46:08 2005
@@ -290,7 +290,7 @@
       exit(1);
    }
 
-   strcpy ( inFileName, argv[1] );
+   strecpy ( inFileName, inFileName + sizeof(inFileName), argv[1] );
 
    inFile = fopen ( inFileName, "rb" );
    if (inFile == NULL) {
--- /sys/src/cmd/spin/main.c	Sun May 22 09:46:43 2005
+++ /sys/src/cmd/spin/main.c	Sun May 22 09:46:37 2005
@@ -317,14 +317,14 @@
 	if (argc > 1)
 	{	char cmd[128], out2[64];
 #ifdef PC
-		strcpy(out1, "_tmp1_");
-		strcpy(out2, "_tmp2_");
+		strncpy(out1, "_tmp1_", sizeof(out1));
+		strncpy(out2, "_tmp2_", sizeof(out2));
 #else
 		/* extern char *tmpnam(char *);  in stdio.h */
 		if (add_ltl || nvr_file)
 		{	/* must remain in current dir */
-			strcpy(out1, "_tmp1_");
-			strcpy(out2, "_tmp2_");
+			strncpy(out1, "_tmp1_", sizeof(out1));
+			strncpy(out2, "_tmp2_", sizeof(out2));
 		} else
 		{	(void) tmpnam(out1);
 			(void) tmpnam(out2);
@@ -367,9 +367,9 @@
 
 		if (strncmp(argv[1], "progress", 8) == 0
 		||  strncmp(argv[1], "accept", 6) == 0)
-			sprintf(cmd, "_%s", argv[1]);
+			snprintf(cmd, sizeof(cmd), "_%s", argv[1]);
 		else
-			strcpy(cmd, argv[1]);
+			strncpy(cmd, argv[1], sizeof(cmd));
 		oFname = Fname = lookup(cmd);
 		if (oFname->name[0] == '\"')
 		{	int i = strlen(oFname->name);
--- /sys/src/cmd/calendar.c	Sun May 22 09:47:13 2005
+++ /sys/src/cmd/calendar.c	Sun May 22 09:47:09 2005
@@ -77,7 +77,7 @@
 			snprint(buf, sizeof(buf),
 				"/usr/%s/lib/calendar", getuser());
 		else
-			strcpy(buf, argv[i]);
+			strecpy(buf, buf + sizeof(buf), argv[i]);
 		fd = open(buf, OREAD);
 		if(fd<0 || Binit(&in, fd, OREAD)<0){
 			fprint(2, "calendar: can't open %s: %r\n", buf);
--- /sys/src/cmd/aux/reboot.c	Sun May 22 09:47:46 2005
+++ /sys/src/cmd/aux/reboot.c	Sun May 22 09:47:42 2005
@@ -64,7 +64,7 @@
 
 	notify(ding);
 	if(argc > 1)
-		strcpy(file, argv[1]);
+		strecpy(file, file + sizeof(file), argv[1]);
 	else{
 		p = readenv("cputype", buf, sizeof(buf));
 		if(p == 0)
--- /sys/src/cmd/gs/jpeg/wrjpgcom.c	Sun May 22 09:48:26 2005
+++ /sys/src/cmd/gs/jpeg/wrjpgcom.c	Sun May 22 09:48:20 2005
@@ -445,7 +445,7 @@
 	comment_arg = (char *) malloc((size_t) MAX_COM_LENGTH);
 	if (comment_arg == NULL)
 	  ERREXIT("Insufficient memory");
-	strcpy(comment_arg, argv[argn]+1);
+	strecpy(comment_arg, comment_arg + sizeof(comment_arg), argv[argn]+1);
 	for (;;) {
 	  comment_length = strlen(comment_arg);
 	  if (comment_length > 0 && comment_arg[comment_length-1] == '"') {
--- /sys/src/cmd/spin/tl_main.c	Sun May 22 09:49:07 2005
+++ /sys/src/cmd/spin/tl_main.c	Sun May 22 09:49:03 2005
@@ -66,7 +66,7 @@
 					||  argv[1][i] == '\n')
 						argv[1][i] = ' ';
 				}
-				strcpy(uform, argv[1]);
+				strecpy(uform, uform + sizeof(uform), argv[1]);
 				hasuform = strlen(uform);
 				break;
 		case 'v':	tl_verbose++;
--- /sys/src/cmd/upas/scanmail/scanmail.c	Sun May 22 09:49:56 2005
+++ /sys/src/cmd/upas/scanmail/scanmail.c	Sun May 22 09:49:51 2005
@@ -102,7 +102,7 @@
 				usage();
 			argc--;
 			argv++;
-			strcpy(patfile, *argv);
+			strecpy(patfile, patfile + sizeof(patfile), *argv);
 			break;
 		case 'q':			/* queue name */
 			if(argv[0][2] ||  argv[1] == 0)
--- /sys/src/libscribble/graffiti.c	Sun May 22 09:50:46 2005
+++ /sys/src/libscribble/graffiti.c	Sun May 22 09:50:42 2005
@@ -187,13 +187,11 @@
 	/* ...then figure out where the classifiers are... */
 	if ( (homedir = (char*)getenv("home")) == nil ) {
 		if(0)fprint(2, "no homedir, using = %s\n", REC_DEFAULT_USER_DIR);
-		strcpy(pg->cldir, REC_DEFAULT_USER_DIR);
+		strecpy(pg->cldir, pg->cldir + sizeof(pg->cldir), REC_DEFAULT_USER_DIR);
 		usingDefault = true;
 	} else {
 		if(0)fprint(2, "homedir = %s\n", homedir);
-		strcpy(pg->cldir, homedir);
-		strcat(pg->cldir, "/"); 
-		strcat(pg->cldir, CLASSIFIER_DIR); 
+		snprint(pg->cldir, sizeof(pg->cldir), "%s/%s", homedir, CLASSIFIER_DIR);
 		usingDefault = false;
 	}
 
--- /sys/src/cmd/aux/vga/main.c	Sun May 22 09:51:45 2005
+++ /sys/src/cmd/aux/vga/main.c	Sun May 22 09:51:40 2005
@@ -289,9 +289,9 @@
 
 	if(iflag || lflag){
 		if(getenv(type))
-			sprint(monitordb, "/env/%s", type);
+			snprint(monitordb, sizeof(monitordb), "/env/%s", type);
 		else
-			strcpy(monitordb, dbname);
+			strecpy(monitordb, monitordb + sizeof(monitordb), dbname);
 
 		if(vga->vesa){
 			strcpy(monitordb, "vesa bios");
--- /sys/src/cmd/troff/t10.c	Sun May 22 09:52:47 2005
+++ /sys/src/cmd/troff/t10.c	Sun May 22 09:52:42 2005
@@ -48,7 +48,7 @@
 	/* open table for device, */
 	/* read in resolution, size info, font info, etc., set params */
 	if ((p = getenv("TYPESETTER")) != 0)
-		strcpy(devname, p);
+		strecpy(devname, devname + sizeof(devname), p);
 	if (termtab[0] == 0)
 		strcpy(termtab, DWBfontdir);
 	if (fontdir[0] == 0)
@@ -58,7 +58,7 @@
 	hyf = 1;
 	lg = 1;
 
-	sprintf(buf, "/dev%s/DESC", devname);
+	snprintf(buf, sizeof(buf), "/dev%s/DESC", devname);
 	strcat(termtab, buf);
 	if (getdesc(termtab) < 0) {
 		ERROR "can't open DESC file %s", termtab WARN;
--- /sys/src/cmd/ip/ftpd.c	Sun May 22 09:53:59 2005
+++ /sys/src/cmd/ip/ftpd.c	Sun May 22 09:53:50 2005
@@ -217,7 +217,7 @@
 	/* figure out which binaries to bind in later */
 	arg = getenv("cputype");
 	if(arg)
-		strcpy(cputype, arg);
+		strecpy(cputype, cputype + sizeof(cputype), arg);
 	else
 		strcpy(cputype, "mips");
 	snprint(bindir, sizeof(bindir), "/bin/%s/bin", cputype);
--- /sys/src/cmd/7a/lex.c	Sun May 22 09:55:13 2005
+++ /sys/src/cmd/7a/lex.c	Sun May 22 09:55:07 2005
@@ -81,7 +81,7 @@
 	}
 
 child:
-	strcpy(ofile, *argv);
+	strecpy(ofile, ofile + sizeof(ofile), *argv);
 	if(p = strrchr(ofile, '/')) {
 		include[0] = ofile;
 		*p++ = 0;
@@ -103,9 +103,7 @@
 		if(p)
 			*p = thechar;
 	} else {
-		strcpy(incfile, "/");
-		strcat(incfile, thestring);
-		strcat(incfile, "/include");
+		snprint(incfile, sizeof(incfile), "/%s/include", thestring);
 	}
 	include[ninclude++] = incfile;
 	if(p = getenv("INCLUDE"))
--- /sys/src/cmd/upas/common/libsys.c	Sun May 22 09:56:31 2005
+++ /sys/src/cmd/upas/common/libsys.c	Sun May 22 09:56:25 2005
@@ -429,7 +429,7 @@
 		cp = alt_sysname_read();
 	if(cp == 0 || *cp == 0)
 		cp = "kremvax";
-	strcpy(name, cp);
+	strecpy(name, name + sizeof(name), cp);
 	return name;
 }
 extern char *
--- /sys/src/ape/lib/ap/plan9/system.c	Sun May 22 09:57:46 2005
+++ /sys/src/ape/lib/ap/plan9/system.c	Sun May 22 09:57:42 2005
@@ -17,7 +17,7 @@
 	if(!s)
 		return 1; /* a command interpreter is available */
 	pid = fork();
-	sprintf(cmd, "/%s/bin/ape/sh", oty);
+	snprintf(cmd, sizeof(cmd), "/%s/bin/ape/sh", oty);
 	if(pid == 0) {
 		execl(cmd, "sh", "-c", s, 0);
 		_exit(1);
--- /sys/src/cmd/cpp/nlist.c	Sun May 22 09:59:08 2005
+++ /sys/src/cmd/cpp/nlist.c	Sun May 22 09:59:04 2005
@@ -83,7 +83,7 @@
 	 * (Note that includelist is searched from high end to low)
 	 */
 	if ((objtype = getenv("objtype"))){
-		sprintf(nbuf, "/%s/include", objtype);
+		snprintf(nbuf, sizeof(nbuf), "/%s/include", objtype);
 		includelist[1].file = nbuf;
 		includelist[1].always = 1;
 	} else {
--- /sys/src/cmd/gs/jpeg/jmemdos.c	Sun May 22 10:00:39 2005
+++ /sys/src/cmd/gs/jpeg/jmemdos.c	Sun May 22 10:00:33 2005
@@ -144,7 +144,7 @@
       *ptr++ = '\\';		/* append backslash if not in env variable */
     /* Append a suitable file name */
     next_file_num++;		/* advance counter */
-    sprintf(ptr, "JPG%03d.TMP", next_file_num);
+    snprintf(ptr, strlen(ptr), "JPG%03d.TMP", next_file_num);
     /* Probe to see if file name is already in use */
     if ((tfile = fopen(fname, READ_BINARY)) == NULL)
       break;
--- /sys/src/cmd/lp/lpdsend.c	Sun May 22 10:02:11 2005
+++ /sys/src/cmd/lp/lpdsend.c	Sun May 22 10:02:06 2005
@@ -231,15 +231,15 @@
 	if(cp == 0){
 		if(defnet==0){
 			if(defsrv)
-				sprintf(addr, "net!%s!%s", linear, defsrv);
+				snprintf(addr, sizeof(addr), "net!%s!%s", linear, defsrv);
 			else
-				sprintf(addr, "net!%s", linear);
+				snprintf(addr, sizeof(addr), "net!%s", linear);
 		}
 		else {
 			if(defsrv)
-				sprintf(addr, "%s!%s!%s", defnet, linear, defsrv);
+				snprintf(addr, sizeof(addr), "%s!%s!%s", defnet, linear, defsrv);
 			else
-				sprintf(addr, "%s!%s", defnet, linear);
+				snprintf(addr, sizeof(addr), "%s!%s", defnet, linear);
 		}
 		return addr;
 	}
--- /sys/src/cmd/awd.c	Sun May 22 10:03:42 2005
+++ /sys/src/cmd/awd.c	Sun May 22 10:03:38 2005
@@ -4,31 +4,16 @@
 void
 main(int argc, char **argv)
 {
-	int fd, n, m;
-	char buf[1024], dir[512], *str;
+	int fd;
+	char dir[512], *str;
 
 	fd = open("/dev/acme/ctl", OWRITE);
 	if(fd < 0)
 		exits(0);
 	getwd(dir, 512);
-	strcpy(buf, "name ");
-	strcpy(buf+5, dir);
-	n = strlen(buf);
-	if(n>0 && buf[n-1]!='/')
-		buf[n++] = '/';
-	buf[n++] = '-';
-	if(argc > 1)
-		str = argv[1];
-	else
-		str = "rc";
-	m = strlen(str);
-	strcpy(buf+n, str);
-	n += m;
-	buf[n++] = '\n';
-	write(fd, buf, n);
-	strcpy(buf, "dumpdir ");
-	strcpy(buf+8, dir);
-	strcat(buf, "\n");
-	write(fd, buf, strlen(buf));
+	fprint(fd, "name %s%s-%s\n", dir,
+					(dir[strlen(dir) - 1] != '/') ? "/" : "",
+					(argc > 1) ? argv[1] : "rc");
+	fprint(fd, "dumpdir %s\n", dir);
 	exits(0);
 }
--- /sys/src/cmd/history.c	Sun May 22 10:05:15 2005
+++ /sys/src/cmd/history.c	Sun May 22 10:05:11 2005
@@ -97,7 +97,7 @@
 		ndump = "dump";
 
 	tm = localtime(time(0));
-	sprint(buf, "/n/%s/%.4d/", ndump, tm->year+1900);
+	snprint(buf, sizeof(buf), "/n/%s/%.4d/", ndump, tm->year+1900);
 	if(access(buf, AREAD) < 0) {
 		if(verb)
 			print("mounting dump %s\n", ndump);
@@ -124,7 +124,7 @@
 	else{
 		print("%s %s %lld [%s]\n", prtime(dir->mtime), file, dir->length, dir->muid);
 		started = 1;
-		strcpy(pair[1], file);
+		strecpy(pair[1], pair[1] + sizeof(pair[1]), file);
 	}
 	free(dir);
 	otime = starttime(sflag);
--- /sys/src/cmd/import.c	Sun May 22 10:06:52 2005
+++ /sys/src/cmd/import.c	Sun May 22 10:06:48 2005
@@ -333,7 +333,7 @@
 	if ((s = strchr(newport, '!')) == nil)
 		sysfatal("filter: illegally formatted port %s\n", newport);
 
-	strcpy(buf, netmkaddr(host, "tcp", "0"));
+	strncpy(buf, buf + sizeof(buf), netmkaddr(host, "tcp", "0"));
 	pbuf = strrchr(buf, '!');
 	strcpy(pbuf, s);
 
--- /sys/src/cmd/yacc.c	Sun May 22 10:08:43 2005
+++ /sys/src/cmd/yacc.c	Sun May 22 10:08:31 2005
@@ -2111,26 +2111,26 @@
 	char buf[256];
 
 	if(vflag) {
-		sprint(buf, "%s.%s", stem, FILEU);
+		snprint(buf, sizeof(buf), "%s.%s", stem, FILEU);
 		foutput = Bopen(buf, OWRITE);
 		if(foutput == 0)
 			error("cannot open %s", buf);
 	}
 	if(yydebug) {
-		sprint(buf, "%s.%s", stem, FILEDEBUG);
+		snprint(buf, sizeof(buf), "%s.%s", stem, FILEDEBUG);
 		if((fdebug = Bopen(buf, OWRITE)) == 0)
 			error("can't open %s", buf);
 	}
 	if(dflag) {
-		sprint(buf, "%s.%s", stem, FILED);
+		snprint(buf, sizeof(buf), "%s.%s", stem, FILED);
 		fdefine = Bopen(buf, OWRITE);
 		if(fdefine == 0)
 			error("can't create %s", buf);
 	}
 	if(ytab == 0)
-		sprint(buf, "%s.%s", stem, OFILE);
+		snprint(buf, sizeof(buf), "%s.%s", stem, OFILE);
 	else
-		strcpy(buf, ytabc);
+		strecpy(buf, buf + sizeof(buf), ytabc);
 	ftable = Bopen(buf, OWRITE);
 	if(ftable == 0)
 		error("cannot open table file %s", buf);
--- /sys/src/cmd/split.c	Sun May 22 10:10:26 2005
+++ /sys/src/cmd/split.c	Sun May 22 10:10:23 2005
@@ -116,8 +116,7 @@
 			fprint(2, "split: file %szz not split\n",stem);
 		canopen = 0;
 	} else {
-		strcpy(name, stem);
-		strcat(name, suff);
+		snprint(name, sizeof(name), "%s%s", stem, suff);
 		if(++suff[1] > 'z') 
 			suff[1] = 'a', ++suff[0];
 		openf();
@@ -130,8 +129,8 @@
 {
 	if(match[1].sp) {
 		int len = match[1].ep - match[1].sp;
-		strncpy(name, match[1].sp, len);
-		strcpy(name+len, suffix);
+		strecpy(name, name+len, match[1].sp);
+		strecpy(name+len, name+sizeof(name), suffix);
 		openf();
 		return 1;
 	} 
--- /sys/src/cmd/srvfs.c	Sun May 22 10:12:14 2005
+++ /sys/src/cmd/srvfs.c	Sun May 22 10:12:10 2005
@@ -78,10 +78,10 @@
 		fprint(2, "not OK (%d): %s\n", n, buf);
 		exits("OK");
 	}
-	if(argv[0][0] == '/')
-		strcpy(buf, argv[0]);
+	if(argv[0] != nil && argv[0][0] == '/')
+		strecpy(buf, buf + sizeof(buf), argv[0]);
 	else
-		sprint(buf, "/srv/%s", argv[0]);
+		snprint(buf, sizeof(buf), "/srv/%s", argv[0]);
 	fd = create(buf, OWRITE, perm);
 	if(fd < 0){
 		fprint(2, "can't create %s: %r\n", buf);