===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sendbug/sendbug.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -c -r1.30 -r1.31
*** src/usr.bin/sendbug/sendbug.c	2007/03/26 07:16:11	1.30
--- src/usr.bin/sendbug/sendbug.c	2007/03/26 18:13:08	1.31
***************
*** 1,4 ****
! /*	$OpenBSD: sendbug.c,v 1.30 2007/03/26 07:16:11 ray Exp $	*/
  
  /*
   * Written by Ray Lai <ray@cyth.net>.
--- 1,4 ----
! /*	$OpenBSD: sendbug.c,v 1.31 2007/03/26 18:13:08 moritz Exp $	*/
  
  /*
   * Written by Ray Lai <ray@cyth.net>.
***************
*** 285,291 ****
  void
  init(void)
  {
! 	size_t len = 0, namelen;
  	const char *src;
  	int sysname[2];
  	char *dst, *cp;
--- 285,291 ----
  void
  init(void)
  {
! 	size_t amp, len, namelen;
  	const char *src;
  	int sysname[2];
  	char *dst, *cp;
***************
*** 294,309 ****
  		err(1, "getpwuid");
  	namelen = strlen(pw->pw_name);
  
! 	/* Add length of expanded '&', minus existing '&'. */
! 	src = pw->pw_gecos;
! 	src += strcspn(src, ",&");
! 	while (*src == '&') {
! 		len += namelen - 1;
! 		/* Look for next '&', skipping the one we just found. */
! 		src += 1 + strcspn(src, ",&");
! 	}
! 	/* Add full name length, including all those '&' we skipped. */
! 	len += src - pw->pw_gecos;
  	if ((fullname = malloc(len + 1)) == NULL)
  		err(1, "malloc");
  
--- 294,305 ----
  		err(1, "getpwuid");
  	namelen = strlen(pw->pw_name);
  
! 	/* Count number of '&'. */
! 	for (amp = 0, src = pw->pw_gecos; *src && *src != ','; ++src)
! 		if (*src == '&')
! 			++amp;
! 	/* Expanded str = orig str - '&' chars + concatenated logins. */
! 	len = (src - pw->pw_gecos) - amp + (amp * namelen);
  	if ((fullname = malloc(len + 1)) == NULL)
  		err(1, "malloc");