* Bug #15213, #18635: The use of the insecure m_scratch() and

[mmh] / sbr / m_scratch.c

diff --git a/sbr/m_scratch.c b/sbr/m_scratch.c
index d712576..353da56 100644 (file)
--- a/sbr/m_scratch.c
+++ b/sbr/m_scratch.c
@@ -3,11 +3,18 @@
  * m_scratch.c -- construct a scratch file
  *
  * $Id$
+ *
+ * This code is Copyright (c) 2002, by the authors of nmh.  See the
+ * COPYRIGHT file in the root directory of the nmh distribution for
+ * complete copyright information.
  */
 
 #include <h/mh.h>
 
-
+/***************************************************************************
+ * DO NOT USE THIS FUNCTION!  IT WILL BE REMOVED IN THE FUTURE.
+ * THIS FUNCTION IS INSECURE.  USE THE FUNCTIONS DEFINED IN m_mktemp.c.
+ ***************************************************************************/
 char *
 m_scratch (char *file, char *template)
 {
@@ -25,11 +32,11 @@ m_scratch (char *file, char *template)
 /*
 #endif
 */
-/* nasty - this really means: if there is no '/' in the path */
+    /* nasty - this really means: if there is no '/' in the path */
     if ((cp = r1bindex (file, '/')) == file)
        strncpy (buffer, tmpfil, sizeof(buffer));
     else
-       snprintf (buffer, sizeof(buffer), "%.*s%s", cp - file, file, tmpfil);
+       snprintf (buffer, sizeof(buffer), "%.*s%s", (int)(cp - file), file, tmpfil);
     unlink (buffer);
 
     return buffer;