From 06236827fb9756583a3aa529d4c384fc210bfa43 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Wed, 2 Apr 1997 17:21:24 +0000
Subject: [PATCH] buf oflows, thanks imp & millert

---
 usr.bin/msgs/msgs.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/usr.bin/msgs/msgs.c b/usr.bin/msgs/msgs.c
index 2615e96f5b9..9fa92e808e7 100644
--- a/usr.bin/msgs/msgs.c
+++ b/usr.bin/msgs/msgs.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: msgs.c,v 1.7 1997/04/02 08:28:01 deraadt Exp $	*/
+/*	$OpenBSD: msgs.c,v 1.8 1997/04/02 17:21:24 deraadt Exp $	*/
 /*	$NetBSD: msgs.c,v 1.7 1995/09/28 06:57:40 tls Exp $	*/
 
 /*-
@@ -44,7 +44,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)msgs.c	8.2 (Berkeley) 4/28/95";
 #else
-static char rcsid[] = "$OpenBSD: msgs.c,v 1.7 1997/04/02 08:28:01 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: msgs.c,v 1.8 1997/04/02 17:21:24 deraadt Exp $";
 #endif
 #endif /* not lint */
 
@@ -113,8 +113,8 @@ FILE	*msgsrc;
 FILE	*newmsg;
 char	*sep = "-";
 char	inbuf[BUFSIZ];
-char	fname[128];
-char	cmdbuf[128];
+char	fname[MAXPATHLEN];
+char	cmdbuf[MAXPATHLEN + MAXPATHLEN];
 char	subj[128];
 char	from[128];
 char	date[128];
@@ -822,11 +822,13 @@ FILE *infile;
 			frompos = ftell(infile);
 			ptr = from;
 			in = nxtfld(inbuf);
-			if (*in) while (*in && *in > ' ') {
-				if (*in == ':' || *in == '@' || *in == '!')
-					local = NO;
-				*ptr++ = *in++;
-				/* what about sizeof from ? */
+			if (*in) {
+				while (*in && *in > ' ' &&
+				    ptr - from < sizeof from -1) {
+					if (*in == ':' || *in == '@' || *in == '!')
+						local = NO;
+					*ptr++ = *in++;
+				}
 			}
 			*ptr = NULL;
 			if (*(in = nxtfld(in)))
-- 
2.20.1