From 87779a8c85eec0b71703ed3090a3949761396a15 Mon Sep 17 00:00:00 2001
From: Joseph Hunkeler <jhunkeler@gmail.com>
Date: Wed, 15 Apr 2026 10:10:15 -0400
Subject: Replace sprintf with snprintf

* A few strcpy and strcat changes as well
---
 src/cli/stasis/args.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/cli/stasis/args.c')

diff --git a/src/cli/stasis/args.c b/src/cli/stasis/args.c
index dbc9c2f..696f3a6 100644
--- a/src/cli/stasis/args.c
+++ b/src/cli/stasis/args.c
@@ -85,7 +85,7 @@ void usage(char *progname) {
     int width = get_option_max_width(long_options);
     for (int x = 0; long_options[x].name != 0; x++) {
         char tmp[STASIS_NAME_MAX] = {0};
-        char output[sizeof(tmp)] = {0};
+        char output[STASIS_NAME_MAX] = {0};
         char opt_long[50] = {0};        // --? [ARG]?
         char opt_short[50] = {0};        // -? [ARG]?
 
@@ -105,8 +105,10 @@ void usage(char *progname) {
             strcat(opt_short, "  ");
         }
 
-        sprintf(tmp, "  %%-%ds\t%%s\t\t%%s", width + 4);
-        sprintf(output, tmp, opt_long, opt_short, long_options_help[x]);
+        const char *opt_fmt = "  %%-%ds\t%%s\t\t%%s";
+        size_t opt_fmt_len = snprintf(NULL, 0, opt_fmt, width);
+        snprintf(tmp, sizeof(tmp) - opt_fmt_len, opt_fmt, width + 4);
+        snprintf(output, sizeof(output), tmp, opt_long, opt_short, long_options_help[x]);
         puts(output);
     }
 }
-- 
cgit 


From dc6b871b419159097c272fe21cdef6acece40a99 Mon Sep 17 00:00:00 2001
From: Joseph Hunkeler <jhunkeler@gmail.com>
Date: Thu, 16 Apr 2026 11:52:11 -0400
Subject: Convert more strcat and strcpy to strn variants

---
 src/cli/stasis/args.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'src/cli/stasis/args.c')

diff --git a/src/cli/stasis/args.c b/src/cli/stasis/args.c
index 696f3a6..98b4479 100644
--- a/src/cli/stasis/args.c
+++ b/src/cli/stasis/args.c
@@ -89,20 +89,20 @@ void usage(char *progname) {
         char opt_long[50] = {0};        // --? [ARG]?
         char opt_short[50] = {0};        // -? [ARG]?
 
-        strcat(opt_long, "--");
-        strcat(opt_long, long_options[x].name);
+        strncat(opt_long, "--", sizeof(opt_long) - strlen(opt_long) - 1);
+        strncat(opt_long, long_options[x].name, sizeof(opt_long) - strlen(opt_long) - 1);
         if (long_options[x].has_arg) {
-            strcat(opt_long, " ARG");
+            strncat(opt_long, " ARG", sizeof(opt_long) - strlen(opt_long) - 1);
         }
 
         if (long_options[x].val <= 'z') {
-            strcat(opt_short, "-");
+            strncat(opt_short, "-", sizeof(opt_short) - strlen(opt_short) - 1);
             opt_short[1] = (char) long_options[x].val;
             if (long_options[x].has_arg) {
-                strcat(opt_short, " ARG");
+                strncat(opt_short, " ARG", sizeof(opt_short) - strlen(opt_short) - 1);
             }
         } else {
-            strcat(opt_short, "  ");
+            strncat(opt_short, "  ", sizeof(opt_short) - strlen(opt_short) - 1);
         }
 
         const char *opt_fmt = "  %%-%ds\t%%s\t\t%%s";
-- 
cgit