* Bug #15213, #18635: The use of the insecure m_scratch() and

[mmh] / uip / slocal.c

diff --git a/uip/slocal.c b/uip/slocal.c
index 1396cc2..f24228a 100644 (file)
--- a/uip/slocal.c
+++ b/uip/slocal.c
@@ -959,7 +959,7 @@ logged_in (void)
 
     while ((utp = getutent()) != NULL) {
         if (
-#ifdef HAVE_UTMP_UT_TYPE
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
                utp->ut_type == USER_PROCESS
                 &&
 #endif
@@ -1274,12 +1274,12 @@ copy_message (int qd, char *tmpfil, int fold)
     int i, first = 1, fd1, fd2;
     char buffer[BUFSIZ];
     FILE *qfp, *ffp;
+    char *tfile = NULL;
 
-    strcpy (tmpfil, m_tmpfil (invo_name));
-
-    /* open temporary file to put message in */
-    if ((fd1 = open (tmpfil, O_RDWR | O_CREAT | O_TRUNC, 0600)) == -1)
-       return -1;
+    tfile = m_mktemp2(NULL, invo_name, &fd1, NULL);
+    if (tfile == NULL) return -1;
+    fchmod(fd1, 0600);
+    strncpy (tmpfil, tfile, BUFSIZ);
 
     if (!fold) {
        while ((i = read (qd, buffer, sizeof(buffer))) > 0)
@@ -1361,11 +1361,11 @@ you_lose:
                    /* return path for UUCP style addressing */
                    ep = strchr(++hp, '\n');
                    snprintf (buffer, sizeof(buffer), "Return-Path: %.*s!%.*s\n",
-                       ep - hp, hp, cp - fp, fp);
+                       (int)(ep - hp), hp, (int)(cp - fp), fp);
                } else {
                    /* return path for standard domain addressing */
                    snprintf (buffer, sizeof(buffer), "Return-Path: %.*s\n",
-                       cp - fp, fp);
+                       (int)(cp - fp), fp);
                }
 
                /* Add Return-Path header to message */