$OpenBSD: patch-fdupes_c,v 1.2 2014/10/17 19:56:45 sthen Exp $
--- fdupes.c.orig	Sat Apr 20 19:21:46 2013
+++ fdupes.c	Fri Oct 17 20:51:45 2014
@@ -36,6 +36,11 @@
 #include "md5/md5.h"
 #endif
 
+#ifdef HAVE_MD5
+#include <sys/types.h>
+#include <md5.h>
+#endif
+
 #define ISFLAG(a,b) ((a & b) == b)
 #define SETFLAG(a,b) (a |= b)
 
@@ -113,11 +118,13 @@ void escapefilename(char *escape_list, char **filename
 {
   int x;
   int tx;
+  size_t l;
   char *tmp;
   char *filename;
 
   filename = *filename_ptr;
 
+  l = strlen(filename) * 2 + 1;
   tmp = (char*) malloc(strlen(filename) * 2 + 1);
   if (tmp == NULL) {
     errormsg("out of memory!\n");
@@ -137,7 +144,7 @@ void escapefilename(char *escape_list, char **filename
       errormsg("out of memory!\n");
       exit(1);
     }
-    strcpy(*filename_ptr, tmp);
+    strlcpy(*filename_ptr, tmp, l);
   }
 }
 
@@ -236,6 +243,7 @@ int grokdir(char *dir, file_t **filelistp)
   struct dirent *dirinfo;
   int lastchar;
   int filecount = 0;
+  size_t l;
   struct stat info;
   struct stat linfo;
   static int progress = 0;
@@ -270,7 +278,8 @@ int grokdir(char *dir, file_t **filelistp)
       newfile->duplicates = NULL;
       newfile->hasdupes = 0;
 
-      newfile->d_name = (char*)malloc(strlen(dir)+strlen(dirinfo->d_name)+2);
+      l = strlen(dir)+strlen(dirinfo->d_name)+2;
+      newfile->d_name = (char*)malloc(l);
 
       if (!newfile->d_name) {
 	errormsg("out of memory!\n");
@@ -279,11 +288,11 @@ int grokdir(char *dir, file_t **filelistp)
 	exit(1);
       }
 
-      strcpy(newfile->d_name, dir);
+      strlcpy(newfile->d_name, dir, l);
       lastchar = strlen(dir) - 1;
       if (lastchar >= 0 && dir[lastchar] != '/')
-	strcat(newfile->d_name, "/");
-      strcat(newfile->d_name, dirinfo->d_name);
+	strlcat(newfile->d_name, "/", l);
+      strlcat(newfile->d_name, dirinfo->d_name, l);
       
       if (filesize(newfile->d_name) == 0 && ISFLAG(flags, F_EXCLUDEEMPTY)) {
 	free(newfile->d_name);
@@ -334,14 +343,22 @@ char *getcrcsignatureuntil(char *filename, off_t max_r
   int x;
   off_t fsize;
   off_t toread;
+#ifdef HAVE_MD5
+  MD5_CTX state;
+#else
   md5_state_t state;
+#endif
   md5_byte_t digest[16];  
   static md5_byte_t chunk[CHUNK_SIZE];
   static char signature[16*2 + 1]; 
   char *sigp;
   FILE *file;
-   
+
+#ifdef HAVE_MD5
+  MD5Init(&state);
+#else
   md5_init(&state);
+#endif
 
  
   fsize = filesize(filename);
@@ -362,16 +379,24 @@ char *getcrcsignatureuntil(char *filename, off_t max_r
       fclose(file);
       return NULL;
     }
+#ifdef HAVE_MD5
+    MD5Update(&state, chunk, toread);
+#else
     md5_append(&state, chunk, toread);
+#endif
     fsize -= toread;
   }
 
+#ifdef HAVE_MD5
+  MD5Final(digest, &state);
+#else
   md5_finish(&state, digest);
+#endif
 
   sigp = signature;
 
   for (x = 0; x < 16; x++) {
-    sprintf(sigp, "%02x", digest[x]);
+    snprintf(sigp, 2, "%02x", digest[x]);
     sigp = strchr(sigp, '\0');
   }
 
@@ -471,6 +496,7 @@ file_t **checkmatch(filetree_t **root, filetree_t *che
 {
   int cmpresult;
   char *crcsignature;
+  size_t l;
   off_t fsize;
 
   /* If device and inode fields are equal one of the files is a 
@@ -494,24 +520,26 @@ file_t **checkmatch(filetree_t **root, filetree_t *che
       crcsignature = getcrcpartialsignature(checktree->file->d_name);
       if (crcsignature == NULL) return NULL;
 
-      checktree->file->crcpartial = (char*) malloc(strlen(crcsignature)+1);
+      l = strlen(crcsignature)+1;
+      checktree->file->crcpartial = (char*) malloc(l);
       if (checktree->file->crcpartial == NULL) {
 	errormsg("out of memory\n");
 	exit(1);
       }
-      strcpy(checktree->file->crcpartial, crcsignature);
+      strlcpy(checktree->file->crcpartial, crcsignature, l);
     }
 
     if (file->crcpartial == NULL) {
       crcsignature = getcrcpartialsignature(file->d_name);
       if (crcsignature == NULL) return NULL;
 
-      file->crcpartial = (char*) malloc(strlen(crcsignature)+1);
+      l = strlen(crcsignature)+1;
+      file->crcpartial = (char*) malloc(l);
       if (file->crcpartial == NULL) {
 	errormsg("out of memory\n");
 	exit(1);
       }
-      strcpy(file->crcpartial, crcsignature);
+      strlcpy(file->crcpartial, crcsignature, l);
     }
 
     cmpresult = strcmp(file->crcpartial, checktree->file->crcpartial);
@@ -1164,7 +1192,7 @@ int main(int argc, char **argv) {
     }
     else
     {
-      stdin = freopen("/dev/tty", "r", stdin);
+      /* stdin isn't usable as an lvalue ... stdin = freopen("/dev/tty", "r", stdin); */
       deletefiles(files, 1, stdin);
     }
   }
