From 34bc43d5326431daf05ea3b2c08415e8c577dae2 Mon Sep 17 00:00:00 2001
From: Will Andrews <will@FreeBSD.org>
Date: Thu, 25 Jan 2001 03:40:17 +0000
Subject: [PATCH] Fix bogus checking of snprintf() by decreasing the remaining
 size of the string after each successful snprintf() call.  This makes
 apply(1) work *correctly*, although the whole snprintf() deal really should
 be redone.

Bug noted by:	nectar (about 3 weeks ago)
---
 usr.bin/apply/apply.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/usr.bin/apply/apply.c b/usr.bin/apply/apply.c
index 2224e493234b..0894957c6f6a 100644
--- a/usr.bin/apply/apply.c
+++ b/usr.bin/apply/apply.c
@@ -146,11 +146,13 @@ main(int argc, char *argv[]) {
 		if ((size_t)offset >= cmdsize)
 			err(1, "snprintf() failed");
 		p += offset;
+		cmdsize -= offset;
 		for (i = 1; i <= nargs; i++) {
 			offset = snprintf(p, cmdsize, " %c%d", magic, i);
 			if ((size_t)offset >= cmdsize)
 				err(1, "snprintf() failed");
 			p += offset;
+			cmdsize -= offset;
 		}
 
 		/*
@@ -197,6 +199,7 @@ main(int argc, char *argv[]) {
 				if ((size_t)offset >= l)
 					err(1, "snprintf() failed");
 				q += offset;
+				l -= offset;
 			} else
 				*q++ = *p;