===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/less/Attic/regexp.c,v
retrieving revision 1.1.1.2
retrieving revision 1.1.1.3
diff -u -r1.1.1.2 -r1.1.1.3
--- src/usr.bin/less/Attic/regexp.c	2003/04/13 18:21:21	1.1.1.2
+++ src/usr.bin/less/Attic/regexp.c	2014/04/25 13:33:50	1.1.1.3
@@ -242,8 +242,10 @@
 	regnpar = 1;
 	regcode = r->program;
 	regc(MAGIC);
-	if (reg(0, &flags) == NULL)
+	if (reg(0, &flags) == NULL) {
+		free(r);
 		return(NULL);
+	}
 
 	/* Dig out information for optimizations. */
 	r->regstart = '\0';	/* Worst-case defaults. */
@@ -1144,7 +1146,7 @@
 	register char *p;
 	static char buf[50];
 
-	(void) strcpy(buf, ":");
+	(void) strlcpy(buf, ":", sizeof(buf));
 
 	switch (OP(op)) {
 	case BOL:
@@ -1186,7 +1188,8 @@
 	case OPEN+7:
 	case OPEN+8:
 	case OPEN+9:
-		sprintf(buf+strlen(buf), "OPEN%d", OP(op)-OPEN);
+		snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf),
+		    "OPEN%d", OP(op)-OPEN);
 		p = NULL;
 		break;
 	case CLOSE+1:
@@ -1198,7 +1201,8 @@
 	case CLOSE+7:
 	case CLOSE+8:
 	case CLOSE+9:
-		sprintf(buf+strlen(buf), "CLOSE%d", OP(op)-CLOSE);
+		snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf),
+		    "CLOSE%d", OP(op)-CLOSE);
 		p = NULL;
 		break;
 	case STAR:
@@ -1212,7 +1216,7 @@
 		break;
 	}
 	if (p != NULL)
-		(void) strcat(buf, p);
+		(void) strlcat(buf, p, sizeof(buf));
 	return(buf);
 }
 #endif