From fce08eec1e8cc1395162162691ecb9d7c95c6655 Mon Sep 17 00:00:00 2001
From: Stas Degteff
Date: Tue, 24 May 2011 21:22:16 +0000
Subject: [PATCH] Fix buffer overflow in helpfile processing. Bugreport from Anton Gorlov 2:5059/37
---
 golded3/gcmisc.cpp | 2 +-
 golded3/geline.cpp | 2 +-
 golded3/gepost.cpp | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/golded3/gcmisc.cpp b/golded3/gcmisc.cpp
index 21d8be3..cea4f87 100644
--- a/golded3/gcmisc.cpp
+++ b/golded3/gcmisc.cpp
@@ -80,7 +80,7 @@ int ReadHelpCfg(int force) {
 comment = NO;
 HlpL[counter].help = atow(buf+3);
 ptr = strchr(buf, ',');
- strbtrim(strcpy(HlpL[counter].category, ptr ? ptr+1 : ""));
+ strbtrim(strxcpy(HlpL[counter].category, ptr ? ptr+1 : "", sizeof(HlpL[counter].category)));
 HlpL[counter].offset = offset + strlen(buf);
 counter++;
 }
diff --git a/golded3/geline.cpp b/golded3/geline.cpp
index 804f24e..c5b41b3 100644
--- a/golded3/geline.cpp
+++ b/golded3/geline.cpp
@@ -2823,7 +2823,7 @@ void MsgLineReIndex(GMsg* msg, int viewhidden, int viewkludge, int viewquote) {
 line = line->next;
 }
- msg->line = (Line**)throw_xcalloc(msg->lines+2, sizeof(Line*));
+ msg->line = (Line**)throw_xcalloc(msg->lines+2, sizeof(Line*)); // FIXME: Memory Leak
 x = 0;
 msg->lines = 0;
diff --git a/golded3/gepost.cpp b/golded3/gepost.cpp
index a557403..88266d6 100644
--- a/golded3/gepost.cpp
+++ b/golded3/gepost.cpp
@@ -198,7 +198,7 @@ void CheckSubject(GMsg* msg, char* subj) {
 {
 ISub subject;
 gsprintf(PRINTF_DECLARE_BUFFER(subject), "%s%s%s%s%s ", fspec[x].delsent ? "^" : "", ReMapPath(fspec[x].path), fspec[x].fblk ? (fspec[x].fblk[m].name ? fspec[x].fblk[m].name : "") : "", *fspec[x].password ? " " : "", fspec[x].password);
-
+
 if ((strlen(buf) + strlen(subject)) > 71)
 {
 n++;
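Review bot: The bounded copy in `ReadHelpCfg` stops the write past `category`, but the same help-file input still drives `HlpL[counter]` and `counter++` with no bound visible in this hunk; if the enclosing loop (which starts and ends outside the hunk) does not cap `counter` at the table size, a help file with too many entries overruns the array itself. I would add a guard before the first `HlpL[counter]` assignment, e.g. `if(counter >= HLP_TABLE_SIZE /* placeholder: HlpL capacity */) break;`. Two smaller points: `sizeof(HlpL[counter].category)` is the buffer size only if `category` is a char array member rather than a pointer, and an over-long category is now presumably cut short without notice, so a comment such as `// category is truncated to fit the field; over-long names in the help file are cut` would record the new behaviour.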
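Review bot: The added `// FIXME: Memory Leak` in `MsgLineReIndex` does not say what leaks or under which condition, so the next reader cannot act on it. From the visible lines the likely candidate is the previous `msg->line` array being overwritten by the new `throw_xcalloc` result without a release, but any code that frees it would be outside the hunk, so this needs confirming. If that is the case, say so in the comment, e.g. `// FIXME: old msg->line array is not freed before being replaced`, and consider tracking it separately, since it is unrelated to the help-file overflow this commit fixes.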