$OpenBSD: patch-exif_c,v 1.2 2014/07/12 18:36:53 giovanni Exp $
--- exif.c.orig	Fri May 11 19:03:30 2012
+++ exif.c	Sat Jul 12 19:39:39 2014
@@ -283,8 +283,7 @@ postprop(struct exifprop *prop, struct exiftags *t)
 		}
 		val = exif4byte(t->md.btiff + prop->value, o) /
 		    exif4byte(t->md.btiff + prop->value + 4, o);
-		snprintf(prop->str, 31, "%d dp%s", val, tmpprop->str);
-		prop->str[31] = '\0';
+		snprintf(prop->str, PROPSTR_SIZE, "%d dp%s", val, tmpprop->str);
 		break;
 
 	/*
@@ -298,14 +297,13 @@ postprop(struct exifprop *prop, struct exiftags *t)
 		    (float)exif4sbyte(t->md.btiff + prop->value + 4, o);
 		if (isnan(fval)) fval = 0;
 		/* 1 / (2^speed) */
-		snprintf(prop->str, 31, "1/%d",
+		snprintf(prop->str, PROPSTR_SIZE, "1/%d",
 		    (int)floor(pow(2, (double)fval) + 0.5));
-		prop->str[31] = '\0';
 		/* FALLTHROUGH */
 
 	case EXIF_T_EXPOSURE:
 		if (strlen(prop->str) > 27) break;
-		strcat(prop->str, " sec");
+		strlcat(prop->str, " sec", PROPSTR_SIZE);
 		if (prop->tag == EXIF_T_EXPOSURE)
 			prop->override = EXIF_T_SHUTTER;
 		break;
@@ -314,8 +312,7 @@ postprop(struct exifprop *prop, struct exiftags *t)
 		fval = (float)exif4byte(t->md.btiff + prop->value, o) /
 		    (float)exif4byte(t->md.btiff + prop->value + 4, o);
 		if (isnan(fval)) fval = 0;
-		snprintf(prop->str, 31, "f/%.1f", fval);
-		prop->str[31] = '\0';
+		snprintf(prop->str, PROPSTR_SIZE, "f/%.1f", fval);
 		break;
 
 	case EXIF_T_LAPERTURE:
@@ -324,36 +321,34 @@ postprop(struct exifprop *prop, struct exiftags *t)
 		    (float)exif4byte(t->md.btiff + prop->value + 4, o);
 		if (isnan(fval)) fval = 0;
 		/* sqrt(2)^aperture */
-		snprintf(prop->str, 31, "f/%.1f", pow(1.4142, (double)fval));
-		prop->str[31] = '\0';
+		snprintf(prop->str, PROPSTR_SIZE, "f/%.1f", pow(1.4142, (double)fval));
 		break;
 
 	case EXIF_T_BRIGHTVAL:
 		if (exif4byte(t->md.btiff + prop->value, o) == 0xffffffff) {
-			strcpy(prop->str, "Unknown");
+			strlcpy(prop->str, "Unknown", PROPSTR_SIZE);
 			break;
 		}
 		/* FALLTHROUGH */
 
 	case EXIF_T_EXPBIASVAL:
 		if (strlen(prop->str) > 28) break;
-		strcat(prop->str, " EV");
+		strlcat(prop->str, " EV", PROPSTR_SIZE);
 		break;
 
 	case EXIF_T_DISTANCE:
 		if (exif4byte(t->md.btiff + prop->value, o) == 0xffffffff) {
-			strcpy(prop->str, "Infinity");
+			strlcpy(prop->str, "Infinity", PROPSTR_SIZE);
 			break;
 		}
 		if (exif4byte(t->md.btiff + prop->value + 4, o) == 0) {
-			strcpy(prop->str, "Unknown");
+			strlcpy(prop->str, "Unknown", PROPSTR_SIZE);
 			break;
 		}
 		fval = (float)exif4byte(t->md.btiff + prop->value, o) /
 		    (float)exif4byte(t->md.btiff + prop->value + 4, o);
 		if (isnan(fval)) fval = 0;
-		snprintf(prop->str, 31, "%.2f m", fval);
-		prop->str[31] = '\0';
+		snprintf(prop->str, PROPSTR_SIZE, "%.2f m", fval);
 		break;
 
 	/* Flash consists of a number of bits, which expanded with v2.2. */
@@ -384,15 +379,14 @@ postprop(struct exifprop *prop, struct exiftags *t)
 		fval = (float)exif4byte(t->md.btiff + prop->value, o) /
 		    (float)exif4byte(t->md.btiff + prop->value + 4, o);
 		if (isnan(fval)) fval = 0;
-		snprintf(prop->str, 31, "%.2f mm", fval);
-		prop->str[31] = '\0';
+		snprintf(prop->str, PROPSTR_SIZE, "%.2f mm", fval);
 		break;
 
 	/* Digital zoom: set to verbose if numerator is 0 or fraction = 1. */
 
 	case EXIF_T_DIGIZOOM:
 		if (!exif4byte(t->md.btiff + prop->value, o))
-			strcpy(prop->str, "Unused");
+			strlcpy(prop->str, "Unused", PROPSTR_SIZE);
 		else if (exif4byte(t->md.btiff + prop->value, o) !=
 		    exif4byte(t->md.btiff + prop->value + 4, o))
 			break;
@@ -401,7 +395,7 @@ postprop(struct exifprop *prop, struct exiftags *t)
 
 	case EXIF_T_FOCALLEN35:
 		exifstralloc(&prop->str, 16);
-		snprintf(prop->str, 15, "%d mm", prop->value);
+		snprintf(prop->str, 16, "%d mm", prop->value);
 		break;
 
 	/*
@@ -566,7 +560,7 @@ parsetag(struct exifprop *prop, struct ifd *dir, struc
 		t->exifmaj = (short)atoi(buf);
 
 		exifstralloc(&prop->str, 8);
-		snprintf(prop->str, 7, "%d.%02d", t->exifmaj, t->exifmin);
+		snprintf(prop->str, 8, "%d.%02d", t->exifmaj, t->exifmin);
 		break;
 
 	/* Process a maker note. */
@@ -680,7 +674,7 @@ parsetag(struct exifprop *prop, struct ifd *dir, struc
 			while (d > c && isspace((int)*(d - 1))) --d;
 
 			exifstralloc(&prop->str, d - c + 1);
-			strncpy(prop->str, c, d - c);
+			strlcpy(prop->str, c, d - c + 1);
 			prop->lvl = prop->str[0] ? ED_IMG : ED_VRB;
 			return;
 		}
@@ -714,8 +708,8 @@ parsetag(struct exifprop *prop, struct ifd *dir, struc
 		/* Sanity check the offset. */
 		if (!offsanity(prop, 1, dir)) {
 			exifstralloc(&prop->str, prop->count + 1);
-			strncpy(prop->str, (const char *)(btiff + prop->value),
-			    prop->count);
+			strlcpy(prop->str, (const char *)(btiff + prop->value),
+			    prop->count + 1);
 		}
 		return;
 	}
@@ -730,7 +724,7 @@ parsetag(struct exifprop *prop, struct ifd *dir, struc
 	if ((prop->type == TIFF_RTNL || prop->type == TIFF_SRTNL) &&
 	    !offsanity(prop, 8, dir)) {
 
-		exifstralloc(&prop->str, 32);
+		exifstralloc(&prop->str, PROPSTR_SIZE);
 
 		if (prop->type == TIFF_RTNL) {
 			un = exif4byte(btiff + prop->value, o);
