From 19ed1aa6a98e019d20011705181e9f830fd7b6dc Mon Sep 17 00:00:00 2001
From: David Griffith <dave@661.org>
Date: Tue, 12 Feb 2019 04:45:03 -0800
Subject: [PATCH] Replace two remaining strcpy() calls in curses interface.

---
 src/curses/ux_input.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/curses/ux_input.c b/src/curses/ux_input.c
index 3c842b3..afbccf7 100644
--- a/src/curses/ux_input.c
+++ b/src/curses/ux_input.c
@@ -359,7 +359,8 @@ static int unix_history_back(zchar *str, int searchlen, int maxlen)
 	}
     } while (strlen( *history_view) > (size_t) maxlen
 	     || (searchlen != 0 && strncmp( (char *)str, *history_view, searchlen)));
-    strcpy((char *)str + searchlen, *history_view + searchlen);
+    strncpy((char *)str + searchlen, *history_view + searchlen,
+		(size_t) maxlen - (strlen((char *)str) + searchlen));
     return 1;
 }
 
@@ -384,7 +385,8 @@ static int unix_history_forward(zchar *str, int searchlen, int maxlen)
 	}
     } while (strlen( *history_view) > (size_t) maxlen
 	     || (searchlen != 0 && strncmp( (char *)str, *history_view, searchlen)));
-    strcpy((char *)str + searchlen, *history_view + searchlen);
+    strncpy((char *)str + searchlen, *history_view + searchlen,
+		(size_t) maxlen - (strlen((char *)str) + searchlen));
     return 1;
 }
 
-- 
2.34.1