===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/diff/diffreg.c,v
retrieving revision 1.63
retrieving revision 1.64
diff -c -r1.63 -r1.64
*** src/usr.bin/diff/diffreg.c	2006/02/16 08:15:05	1.63
--- src/usr.bin/diff/diffreg.c	2006/02/22 07:26:08	1.64
***************
*** 1,4 ****
! /*	$OpenBSD: diffreg.c,v 1.63 2006/02/16 08:15:05 otto Exp $	*/
  
  /*
   * Copyright (C) Caldera International Inc.  2001-2002.
--- 1,4 ----
! /*	$OpenBSD: diffreg.c,v 1.64 2006/02/22 07:26:08 otto Exp $	*/
  
  /*
   * Copyright (C) Caldera International Inc.  2001-2002.
***************
*** 65,71 ****
   */
  
  #ifndef lint
! static const char rcsid[] = "$OpenBSD: diffreg.c,v 1.63 2006/02/16 08:15:05 otto Exp $";
  #endif /* not lint */
  
  #include <sys/param.h>
--- 65,71 ----
   */
  
  #ifndef lint
! static const char rcsid[] = "$OpenBSD: diffreg.c,v 1.64 2006/02/22 07:26:08 otto Exp $";
  #endif /* not lint */
  
  #include <sys/param.h>
***************
*** 511,518 ****
  
  	if ((tempdir = getenv("TMPDIR")) == NULL)
  		tempdir = _PATH_TMP;
! 	if (snprintf(tempfile, sizeof(tempfile), "%s/diff.XXXXXXXX",
! 	    tempdir) >= sizeof(tempfile)) {
  		close(ifd);
  		errno = ENAMETOOLONG;
  		return (NULL);
--- 511,520 ----
  
  	if ((tempdir = getenv("TMPDIR")) == NULL)
  		tempdir = _PATH_TMP;
! 	
! 	if (strlcpy(tempfile, tempdir, sizeof(tempfile)) >= sizeof(tempfile) ||
! 	    strlcat(tempfile, "/diff.XXXXXXXX", sizeof(tempfile)) >=
! 	    sizeof(tempfile)) {
  		close(ifd);
  		errno = ENAMETOOLONG;
  		return (NULL);