From 1e42112bb983f886f389b1fa3ef4d90a4dad4f91 Mon Sep 17 00:00:00 2001
From: markus schnalke <meillo@marmaro.de>
Date: Wed, 14 Jan 2015 21:22:02 +0100
Subject: [PATCH] forw: convert system() to execprog(); fix buffer check

---
 uip/forw.c |   36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/uip/forw.c b/uip/forw.c
index 54b7c07..57e508f 100644
--- a/uip/forw.c
+++ b/uip/forw.c
@@ -257,25 +257,33 @@ static void
 add_forw_hdr(char *draft)
 {
 	int msgnum;
-	char buffer[BUFSIZ];
-
-	snprintf(buffer, sizeof buffer, "anno -append -nodate '%s' "
-			"-comp '%s' -text '+%s",
-			draft, attach_hdr, mp->foldpath);
+	char buf[BUFSIZ];
+	char *vec[MAXARGS];
+	int vecp = 0;
+
+	vec[vecp++] = "anno";
+	vec[vecp++] = "-append";
+	vec[vecp++] = "-nodate";
+	vec[vecp++] = draft;
+	vec[vecp++] = "-comp";
+	vec[vecp++] = attach_hdr;
+	vec[vecp++] = "-text";
+	snprintf(buf, sizeof buf, "+%s", mp->foldpath);
 	for (msgnum = mp->lowsel; msgnum <= mp->hghsel; msgnum++) {
 		if (!is_selected(mp, msgnum)) {
 			continue;
 		}
-		/* TODO: Check for buffer length! */
-		strcat(buffer, " ");
-		strcat(buffer, m_name(msgnum));
-	}
-	strcat(buffer, "'");
-	/* TODO: This check is bad, but better than nothing */
-	if (strlen(buffer) > BUFSIZ) {
-		adios(NULL, "Too long attachment header line. Forward less messages.");
+		if (strlen(buf) + 1 + strlen(m_name(msgnum)) + 1
+				> sizeof buf) {
+			adios(NULL, "Attachment header line too long. "
+					"Forward less messages.");
+		}
+		strcat(buf, " ");
+		strcat(buf, m_name(msgnum));
 	}
-	if (system(buffer) != 0) {
+	vec[vecp++] = buf;
+	vec[vecp] = NULL;
+	if (execprog(*vec, vec) != 0) {
 		advise(NULL, "unable to add attachment header");
 	}
 }
-- 
1.7.10.4