===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth-rhosts.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- src/usr.bin/ssh/auth-rhosts.c	1999/09/28 04:45:35	1.2
+++ src/usr.bin/ssh/auth-rhosts.c	1999/09/29 21:14:15	1.3
@@ -16,7 +16,7 @@
 */
 
 #include "includes.h"
-RCSID("$Id: auth-rhosts.c,v 1.2 1999/09/28 04:45:35 provos Exp $");
+RCSID("$Id: auth-rhosts.c,v 1.3 1999/09/29 21:14:15 deraadt Exp $");
 
 #include "packet.h"
 #include "ssh.h"
@@ -86,8 +86,7 @@
 	  continue; /* Empty line? */
 	case 1:
 	  /* Host name only. */
-	  strncpy(userbuf, server_user, sizeof(userbuf));
-	  userbuf[sizeof(userbuf) - 1] = 0;
+	  strlcpy(userbuf, server_user, sizeof(userbuf));
 	  break;
 	case 2:
 	  /* Got both host and user name. */
@@ -207,7 +206,7 @@
        rhosts_file_index++)
     {
       /* Check users .rhosts or .shosts. */
-      sprintf(buf, "%.500s/%.100s", 
+      snprintf(buf, sizeof buf, "%.500s/%.100s", 
 	      pw->pw_dir, rhosts_files[rhosts_file_index]);
       if (stat(buf, &st) >= 0)
 	break;
@@ -286,7 +285,7 @@
        rhosts_file_index++)
     {
       /* Check users .rhosts or .shosts. */
-      sprintf(buf, "%.500s/%.100s", 
+      snprintf(buf, sizeof buf, "%.500s/%.100s", 
 	      pw->pw_dir, rhosts_files[rhosts_file_index]);
       if (stat(buf, &st) < 0)
 	continue; /* No such file. */