From aeba4f28cbc7449f10d694a0f46af0a153cdc73a Mon Sep 17 00:00:00 2001
From: Art Cancro <ajc@citadel.org>
Date: Fri, 29 Jun 2007 05:01:56 +0000
Subject: [PATCH] When reading in SMTP recipients, use safestrncpy() instead of
 strcpy() to load the address conversion buffer.

---
 citadel/serv_smtp.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/citadel/serv_smtp.c b/citadel/serv_smtp.c
index a9e46f681..df1e56005 100644
--- a/citadel/serv_smtp.c
+++ b/citadel/serv_smtp.c
@@ -549,7 +549,7 @@ void smtp_mail(char *argbuf) {
  * Implements the "RCPT To:" command
  */
 void smtp_rcpt(char *argbuf) {
-	char recp[SIZ];
+	char recp[1024];
 	char message_to_spammer[SIZ];
 	struct recptypes *valid = NULL;
 
@@ -570,7 +570,7 @@ void smtp_rcpt(char *argbuf) {
 		return;
 	}
 
-	strcpy(recp, &argbuf[3]);
+	safestrncpy(recp, &argbuf[3], sizeof recp);
 	striplt(recp);
 	stripallbut(recp, '<', '>');
 
@@ -623,8 +623,9 @@ void smtp_rcpt(char *argbuf) {
 	}
 	strcat(SMTP->recipients, recp);
 	SMTP->number_of_recipients += 1;
-	if (valid != NULL) 
+	if (valid != NULL)  {
 		free_recipients(valid);
+	}
 }
 
 
-- 
2.39.2