$OpenBSD: patch-src_command_C,v 1.2 2010/12/23 08:45:57 dcoppa Exp $
--- src/command.C.orig	Wed Dec  1 04:55:56 2010
+++ src/command.C	Thu Dec 23 09:34:09 2010
@@ -186,15 +186,15 @@ rxvt_term::iso14755_51 (unicode_t ch, rend_t r, int x,
 
   char attr[80]; // plenty
 
-  sprintf (attr, "%08x = fg %d bg %d%s%s%s%s%s%s",
-           (int)r,
-           fgcolor_of (r), bgcolor_of (r),
-           r & RS_Bold    ? " bold"    : "",
-           r & RS_Italic  ? " italic"  : "",
-           r & RS_Blink   ? " blink"   : "",
-           r & RS_RVid    ? " rvid"    : "",
-           r & RS_Uline   ? " uline"   : "",
-           r & RS_Careful ? " careful" : "");
+  snprintf (attr, sizeof (attr), "%08x = fg %d bg %d%s%s%s%s%s%s",
+            (int)r,
+            fgcolor_of (r), bgcolor_of (r),
+            r & RS_Bold    ? " bold"    : "",
+            r & RS_Italic  ? " italic"  : "",
+            r & RS_Blink   ? " blink"   : "",
+            r & RS_RVid    ? " rvid"    : "",
+            r & RS_Uline   ? " uline"   : "",
+            r & RS_Careful ? " careful" : "");
 
   int width = 0;
   fname = rxvt_temp_buf<wchar_t *> (len);
@@ -224,7 +224,7 @@ rxvt_term::iso14755_51 (unicode_t ch, rend_t r, int x,
 
       ch = *chr++;
 
-      sprintf (buf, "%8x", ch);
+      snprintf (buf, sizeof (buf), "%8x", ch);
       scr_overlay_set (0, y, buf);
       scr_overlay_set (9, y, '=');
 # if !UNICODE_3
@@ -665,17 +665,17 @@ rxvt_term::key_press (XKeyEvent &ev)
                     kbuf[1] = '\0';
                   }
                 else
-                  strcpy (kbuf, rs[Rs_backspace_key]);
+                  strlcpy (kbuf, rs[Rs_backspace_key], sizeof (kbuf));
                 break;
 #endif
 #ifndef NO_DELETE_KEY
               case XK_Delete:
-                strcpy (kbuf, rs[Rs_delete_key]);
+                strlcpy (kbuf, rs[Rs_delete_key], sizeof (kbuf));
                 break;
 #endif
               case XK_Tab:
                 if (shft)
-                  strcpy (kbuf, "\033[Z");
+                  strlcpy (kbuf, "\033[Z", sizeof (kbuf));
                 else
                   {
 #ifdef CTRL_TAB_MAKES_META
@@ -694,7 +694,7 @@ rxvt_term::key_press (XKeyEvent &ev)
               case XK_Down:	/* "\033[B" */
               case XK_Right:	/* "\033[C" */
               case XK_Left:	/* "\033[D" */
-                strcpy (kbuf, "\033[Z");
+                strlcpy (kbuf, "\033[Z", sizeof (kbuf));
                 kbuf[2] = "DACB"[keysym - XK_Left];
                 /* do Shift first */
                 if (shft)
@@ -712,7 +712,7 @@ rxvt_term::key_press (XKeyEvent &ev)
                 /* allow shift to override */
                 if (kp)
                   {
-                    strcpy (kbuf, "\033OM");
+                    strlcpy (kbuf, "\033OM", sizeof (kbuf));
                     break;
                   }
 
@@ -736,7 +736,7 @@ rxvt_term::key_press (XKeyEvent &ev)
               case XK_KP_F2:	/* "\033OQ" */
               case XK_KP_F3:	/* "\033OR" */
               case XK_KP_F4:	/* "\033OS" */
-                strcpy (kbuf, "\033OP");
+                strlcpy (kbuf, "\033OP", sizeof (kbuf));
                 kbuf[2] += (keysym - XK_KP_F1);
                 break;
 
@@ -759,7 +759,7 @@ rxvt_term::key_press (XKeyEvent &ev)
                 /* allow shift to override */
                 if (kp)
                   {
-                    strcpy (kbuf, "\033Oj");
+                    strlcpy (kbuf, "\033Oj", sizeof (kbuf));
                     kbuf[2] += (keysym - XK_KP_Multiply);
                   }
                 else
@@ -773,7 +773,7 @@ rxvt_term::key_press (XKeyEvent &ev)
                 {
                   int param = map_function_key (keysym);
                   if (param > 0)
-                    sprintf (kbuf,"\033[%d~", param);
+                    snprintf (kbuf, sizeof (kbuf),"\033[%d~", param);
                   else
                     newlen = 0;
                 }
@@ -799,7 +799,7 @@ rxvt_term::key_press (XKeyEvent &ev)
         }
       else if (keysym == XK_ISO_Left_Tab)
         {
-          strcpy (kbuf, "\033[Z");
+          strlcpy (kbuf, "\033[Z", sizeof (kbuf));
           len = 3;
         }
       else
@@ -3473,7 +3473,7 @@ rxvt_term::process_xterm_seq (int op, char *str, char 
           {
             char str[256];
 
-            sprintf (str, "[%dx%d+%d+%d]",
+            snprintf (str, sizeof (str), "[%dx%d+%d+%d]",
                      min (bgPixmap.h_scale, 32767), min (bgPixmap.v_scale, 32767),
                      min (bgPixmap.h_align, 32767), min (bgPixmap.v_align, 32767));
             process_xterm_seq (XTerm_title, str, CHAR_ST);
