Merge rgagnon's pedantic string checks (apps a-m, bug #2035)
authorMark Spencer <markster@digium.com>
Wed, 14 Jul 2004 07:22:30 +0000 (07:22 +0000)
committerMark Spencer <markster@digium.com>
Wed, 14 Jul 2004 07:22:30 +0000 (07:22 +0000)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3428 65c4cc65-6c06-0410-ace0-fbb531ad65f3

apps/app_agi.c
apps/app_alarmreceiver.c
apps/app_cut.c
apps/app_dial.c
apps/app_disa.c
apps/app_enumlookup.c
apps/app_festival.c
apps/app_getcpeid.c
apps/app_hasnewvoicemail.c
apps/app_macro.c
apps/app_meetme.c

index 51f04e8..6479023 100755 (executable)
@@ -1135,15 +1135,18 @@ static agi_command commands[] = {
        { { "set", "music", NULL }, handle_setmusic, "Enable/Disable Music on hold generator", usage_setmusic }
 };
 
-static void join(char *s, int len, char *w[])
+static void join(char *s, size_t len, char *w[])
 {
        int x;
        /* Join words into a string */
-       strcpy(s, "");
+       if (!s) {
+               return;
+       }
+       s[0] = '\0';
        for (x=0;w[x];x++) {
                if (x)
-                       strncat(s, " ", len - strlen(s));
-               strncat(s, w[x], len - strlen(s));
+                       strncat(s, " ", len - strlen(s) - 1);
+               strncat(s, w[x], len - strlen(s) - 1);
        }
 }
 
index 91317ae..2d9c264 100755 (executable)
@@ -122,7 +122,7 @@ static void database_increment( char *key )
        if(option_verbose >= 4)
                ast_verbose(VERBOSE_PREFIX_4 "AlarmReceiver: New value for %s: %u\n", key, v);
                
-       snprintf(value, sizeof(value) - 1, "%u", v);
+       snprintf(value, sizeof(value), "%u", v);
        
        res = ast_db_put(db_family, key, value);
        
@@ -389,7 +389,7 @@ static int log_events(struct ast_channel *chan,  char *signalling_type, event_no
 {
 
        int res = 0;
-       char workstring[sizeof(event_spool_dir)+sizeof(event_file)];
+       char workstring[sizeof(event_spool_dir)+sizeof(event_file)] = "";
        int fd;
        FILE *logfile;
        event_node_t *elp = event;
@@ -398,8 +398,8 @@ static int log_events(struct ast_channel *chan,  char *signalling_type, event_no
                
                /* Make a template */
                
-               strcpy(workstring, event_spool_dir);
-               strcat(workstring, event_file);
+               strncpy(workstring, event_spool_dir, sizeof(workstring) - 1);
+               strncat(workstring, event_file, sizeof(workstring) - strlen(workstring) - 1);
                
                /* Make the temporary file */
                
@@ -586,9 +586,11 @@ static int receive_ademco_contact_id( struct ast_channel *chan, void *data, int
                        res = -1;
                         break;
                }
+
+               memset(enew, 0, sizeof(event_node_t));
                
                enew->next = NULL;
-               strncpy(enew->data, event, sizeof(enew->data));
+               strncpy(enew->data, event, sizeof(enew->data) - 1);
 
                /*
                * Insert event onto end of list
@@ -638,7 +640,7 @@ static int alarmreceiver_exec(struct ast_channel *chan, void *data)
        int res = 0;
        struct localuser *u;
        event_node_t *elp, *efree;
-       char signalling_type[64];
+       char signalling_type[64] = "";
 
        event_node_t *event_head = NULL;
 
@@ -661,7 +663,7 @@ static int alarmreceiver_exec(struct ast_channel *chan, void *data)
 
        /* Set default values for this invokation of the application */
        
-       strcpy(signalling_type, ADEMCO_CONTACT_ID);
+       strncpy(signalling_type, ADEMCO_CONTACT_ID, sizeof(signalling_type) - 1);
 
 
        /* Answer the channel if it is not already */
index aa180f1..da397f6 100755 (executable)
@@ -101,7 +101,7 @@ static int cut_exec(struct ast_channel *chan, void *data)
                        d = '-';
 
                /* String form of the delimiter, for use with strsep(3) */
-               sprintf(ds,"%c",d);
+               snprintf(ds, sizeof(ds), "%c", d);
 
                pbx_substitute_variables_helper(chan, tmp, tmp2, MAXRESULT - 1);
 
index 319b9b6..d44de70 100755 (executable)
@@ -122,7 +122,7 @@ static void hanguptree(struct localuser *outgoing, struct ast_channel *exception
 
 #define AST_MAX_WATCHERS 256
 
-static struct ast_channel *wait_for_answer(struct ast_channel *in, struct localuser *outgoing, int *to, int *allowredir_in, int *allowredir_out, int *allowdisconnect, int *sentringing, char *status)
+static struct ast_channel *wait_for_answer(struct ast_channel *in, struct localuser *outgoing, int *to, int *allowredir_in, int *allowredir_out, int *allowdisconnect, int *sentringing, char *status, size_t statussize)
 {
        struct localuser *o;
        int found;
@@ -168,11 +168,11 @@ static struct ast_channel *wait_for_answer(struct ast_channel *in, struct localu
                                if (option_verbose > 2)
                                        ast_verbose( VERBOSE_PREFIX_2 "Everyone is busy/congested at this time\n");
                                if (numbusy)
-                                       strcpy(status, "BUSY");
+                                       strncpy(status, "BUSY", statussize - 1);
                                else if (numcongestion)
-                                       strcpy(status, "CONGESTION");
+                                       strncpy(status, "CONGESTION", statussize - 1);
                                else if (numnochan)
-                                       strcpy(status, "CHANUNAVAIL");
+                                       strncpy(status, "CHANUNAVAIL", statussize - 1);
                                /* See if there is a special busy message */
                                if (ast_exists_extension(in, in->context, in->exten, in->priority + 101, in->callerid)) 
                                        in->priority+=100;
@@ -251,7 +251,7 @@ static struct ast_channel *wait_for_answer(struct ast_channel *in, struct localu
                                                                free(o->chan->ani);
                                                        o->chan->ani = malloc(strlen(in->ani) + 1);
                                                        if (o->chan->ani)
-                                                               strncpy(o->chan->ani, in->ani, strlen(in->ani) + 1);
+                                                               strncpy(o->chan->ani, in->ani, strlen(in->ani));
                                                        else
                                                                ast_log(LOG_WARNING, "Out of memory\n");
                                                }
@@ -367,7 +367,7 @@ static struct ast_channel *wait_for_answer(struct ast_channel *in, struct localu
                        if (!f || ((f->frametype == AST_FRAME_CONTROL) && (f->subclass == AST_CONTROL_HANGUP))) {
                                /* Got hung up */
                                *to=-1;
-                               strcpy(status, "CANCEL");
+                               strncpy(status, "CANCEL", statussize - 1);
                                return NULL;
                        }
                        if (f && (f->frametype == AST_FRAME_DTMF) && *allowdisconnect &&
@@ -411,7 +411,7 @@ static int dial_exec(struct ast_channel *chan, void *data)
        char restofit[AST_MAX_EXTENSION];
        char *transfer = NULL;
        char *newnum;
-       char callerid[256], *l, *n;
+       char callerid[256] = "", *l, *n;
        char *url=NULL; /* JDG */
        struct ast_var_t *current;
        struct varshead *headp, *newheadp;
@@ -432,7 +432,7 @@ static int dial_exec(struct ast_channel *chan, void *data)
        char *sdtmfptr;
        char sdtmfdata[256] = "";
        char *stack,*var;
-       char status[256];
+       char status[256]="";
        char toast[80];
        int play_to_caller=0,play_to_callee=0;
        int playargs=0, sentringing=0, moh=0;
@@ -626,9 +626,9 @@ static int dial_exec(struct ast_channel *chan, void *data)
        }
        if (privacy) {
                if (chan->callerid)
-                       strncpy(callerid, chan->callerid, sizeof(callerid));
+                       strncpy(callerid, chan->callerid, sizeof(callerid) - 1);
                else
-                       strcpy(callerid, "");
+                       callerid[0] = '\0';
                ast_callerid_parse(callerid, &n, &l);
                if (l) {
                        ast_shrink_phone_number(l);
@@ -760,7 +760,7 @@ static int dial_exec(struct ast_channel *chan, void *data)
                else
                        tmp->chan->callerid = NULL;
                /* Copy language from incoming to outgoing */
-               strcpy(tmp->chan->language, chan->language);
+               strncpy(tmp->chan->language, chan->language, sizeof(tmp->chan->language) - 1);
                if (ast_strlen_zero(tmp->chan->musicclass))
                        strncpy(tmp->chan->musicclass, chan->musicclass, sizeof(tmp->chan->musicclass) - 1);
                if (chan->ani)
@@ -819,7 +819,7 @@ static int dial_exec(struct ast_channel *chan, void *data)
 
        if (outgoing) {
                /* Our status will at least be NOANSWER */
-               strcpy(status, "NOANSWER");
+               strncpy(status, "NOANSWER", sizeof(status) - 1);
                if (outgoing->musiconhold) {
                        moh=1;
                        ast_moh_start(chan, NULL);
@@ -828,10 +828,10 @@ static int dial_exec(struct ast_channel *chan, void *data)
                        sentringing++;
                }
        } else
-               strcpy(status, "CHANUNAVAIL");
+               strncpy(status, "CHANUNAVAIL", sizeof(status) - 1);
 
        time(&start_time);
-       peer = wait_for_answer(chan, outgoing, &to, &allowredir_in, &allowredir_out, &allowdisconnect, &sentringing, status);
+       peer = wait_for_answer(chan, outgoing, &to, &allowredir_in, &allowredir_out, &allowdisconnect, &sentringing, status, sizeof(status));
 
        if (!peer) {
                if (to) 
@@ -849,7 +849,7 @@ static int dial_exec(struct ast_channel *chan, void *data)
                /* Once call is answered, ditch the OSP Handle */
                pbx_builtin_setvar_helper(chan, "OSPHANDLE", "");
 #endif         
-               strcpy(status, "ANSWER");
+               strncpy(status, "ANSWER", sizeof(status) - 1);
                /* Ah ha!  Someone answered within the desired timeframe.  Of course after this
                   we will always return with -1 so that it is hung up properly after the 
                   conversation.  */
index 132f86e..3022c9e 100755 (executable)
@@ -116,7 +116,7 @@ static int disa_exec(struct ast_channel *chan, void *data)
 {
        int i,j,k,x;
        struct localuser *u;
-       char tmp[256],arg2[256],exten[AST_MAX_EXTENSION],acctcode[20];
+       char tmp[256],arg2[256]="",exten[AST_MAX_EXTENSION],acctcode[20]="";
        struct {
                unsigned char offset[AST_FRIENDLY_OFFSET];
                unsigned char buf[640];
@@ -149,7 +149,7 @@ static int disa_exec(struct ast_channel *chan, void *data)
        ourcontext = strsep(&stringp, "|");
        /* if context specified, save 2nd arg and parse third */
        if (ourcontext) {
-               strcpy(arg2,ourcontext);
+               strncpy(arg2,ourcontext, sizeof(arg2) - 1);
                ourcallerid = strsep(&stringp,"|");
        }
          /* if context not specified, use "disa" */
@@ -291,7 +291,7 @@ static int disa_exec(struct ast_channel *chan, void *data)
                                        k = 1;
                                        i = 0;  /* re-set buffer pointer */
                                        exten[sizeof(acctcode)] = 0;
-                                       strcpy(acctcode,exten);
+                                       strncpy(acctcode,exten, sizeof(acctcode) - 1);
                                        exten[0] = 0;
                                        ast_log(LOG_DEBUG,"Successful DISA log-in on chan %s\n",chan->name);
                                        continue;
@@ -316,9 +316,9 @@ static int disa_exec(struct ast_channel *chan, void *data)
                        if (chan->callerid) free(chan->callerid);
                        chan->callerid = strdup(ourcallerid);
                }
-               strcpy(chan->exten,exten);
-               strcpy(chan->context,ourcontext);
-               strcpy(chan->accountcode,acctcode);
+               strncpy(chan->exten, exten, sizeof(chan->exten) - 1);
+               strncpy(chan->context, ourcontext, sizeof(chan->context) - 1);
+               strncpy(chan->accountcode, acctcode, sizeof(chan->accountcode) - 1);
                chan->priority = 0;
                ast_cdr_init(chan->cdr,chan);
                LOCAL_USER_REMOVE(u);
index bf81a4d..d2ea84c 100755 (executable)
@@ -47,7 +47,7 @@ static char *descrip =
 
 #define ENUM_CONFIG "enum.conf"
 
-static char h323driver[80];
+static char h323driver[80] = "";
 #define H323DRIVERDEFAULT "H323"
 
 STANDARD_LOCAL_USER;
@@ -148,9 +148,9 @@ static int load_config(void)
        cfg = ast_load(ENUM_CONFIG);
        if (cfg) {
                if (!(s=ast_variable_retrieve(cfg, "general", "h323driver"))) {
-                       strcpy(h323driver, H323DRIVERDEFAULT);
+                       strncpy(h323driver, H323DRIVERDEFAULT, sizeof(h323driver) - 1);
                } else {
-                       strcpy(h323driver, s);
+                       strncpy(h323driver, s, sizeof(h323driver) - 1);
                }
                ast_destroy(cfg);
                return 0;
index 6e895b6..c6a4008 100755 (executable)
@@ -268,9 +268,9 @@ static int festival_exec(struct ast_channel *chan, void *vdata)
        int i;
        struct MD5Context md5ctx;
        unsigned char MD5Res[16];
-       char MD5Hex[33];
-       char koko[4];
-       char cachefile[MAXFESTLEN];
+       char MD5Hex[33] = "";
+       char koko[4] = "";
+       char cachefile[MAXFESTLEN]="";
        int readcache=0;
        int writecache=0;
        int strln;
@@ -348,18 +348,18 @@ static int festival_exec(struct ast_channel *chan, void *vdata)
        MD5Init(&md5ctx);
        MD5Update(&md5ctx,(unsigned char const *)data,strlen(data));
        MD5Final(MD5Res,&md5ctx);
-       strcpy(MD5Hex,"");
+               MD5Hex[0] = '\0';
        
        /* Convert to HEX and look if there is any matching file in the cache 
                directory */
        for (i=0;i<16;i++) {
-               sprintf(koko,"%X",MD5Res[i]);
-               strcat(MD5Hex,koko);
+               snprintf(koko, sizeof(koko), "%X",MD5Res[i]);
+               strncat(MD5Hex, koko, sizeof(MD5Hex) - strlen(MD5Hex) - 1);
        }
        readcache=0;
        writecache=0;
        if (strlen(cachedir)+strlen(MD5Hex)+1<=MAXFESTLEN && (usecache==-1)) {
-               sprintf(cachefile,"%s/%s",cachedir,MD5Hex);
+               snprintf(cachefile, sizeof(cachefile), "%s/%s", cachedir, MD5Hex);
                fdesc=open(cachefile,O_RDWR);
                if (fdesc==-1) {
                        fdesc=open(cachefile,O_CREAT|O_RDWR,0);
index 9aa0bc6..d0a0be6 100755 (executable)
@@ -67,9 +67,9 @@ static int cpeid_exec(struct ast_channel *chan, void *idata)
        stuff[2] = data[2];
        stuff[3] = data[3];
        memset(data, 0, sizeof(data));
-       strcpy(stuff[0], "** CPE Info **");
-       strcpy(stuff[1], "Identifying CPE...");
-       strcpy(stuff[2], "Please wait...");
+       strncpy(stuff[0], "** CPE Info **", sizeof(data[0]) - 1);
+       strncpy(stuff[1], "Identifying CPE...", sizeof(data[1]) - 1);
+       strncpy(stuff[2], "Please wait...", sizeof(data[2]) - 1);
        res = adsi_load_session(chan, NULL, 0, 1);
        if (res > 0) {
                cpeid_setstatus(chan, stuff, 0);
@@ -80,8 +80,8 @@ static int cpeid_exec(struct ast_channel *chan, void *idata)
                                ast_verbose(VERBOSE_PREFIX_3 "Got CPEID of '%02x:%02x:%02x:%02x' on '%s'\n", cpeid[0], cpeid[1], cpeid[2], cpeid[3], chan->name);
                }
                if (res > -1) {
-                       strcpy(stuff[1], "Measuring CPE...");
-                       strcpy(stuff[2], "Please wait...");
+                       strncpy(stuff[1], "Measuring CPE...", sizeof(data[1]) - 1);
+                       strncpy(stuff[2], "Please wait...", sizeof(data[2]) - 1);
                        cpeid_setstatus(chan, stuff, 0);
                        res = adsi_get_cpeinfo(chan, &width, &height, &buttons, 0);
                        if (res > -1) {
@@ -92,14 +92,14 @@ static int cpeid_exec(struct ast_channel *chan, void *idata)
                }
                if (res > -1) {
                        if (gotcpeid)
-                               sprintf(stuff[1], "CPEID: %02x:%02x:%02x:%02x", cpeid[0], cpeid[1], cpeid[2], cpeid[3]);
+                               snprintf(stuff[1], sizeof(data[1]), "CPEID: %02x:%02x:%02x:%02x", cpeid[0], cpeid[1], cpeid[2], cpeid[3]);
                        else
-                               strcpy(stuff[1], "CPEID Unknown");
+                               strncpy(stuff[1], "CPEID Unknown", sizeof(data[1]) - 1);
                        if (gotgeometry) 
-                               sprintf(stuff[2], "Geom: %dx%d, %d buttons", width, height, buttons);
+                               snprintf(stuff[2], sizeof(data[2]), "Geom: %dx%d, %d buttons", width, height, buttons);
                        else
-                               strcpy(stuff[2], "Geometry unknown");
-                       strcpy(stuff[3], "Press # to exit");
+                               strncpy(stuff[2], "Geometry unknown", sizeof(data[2]) - 1);
+                       strncpy(stuff[3], "Press # to exit", sizeof(data[3]) - 1);
                        cpeid_setstatus(chan, stuff, 1);
                        for(;;) {
                                res = ast_waitfordigit(chan, 1000);
index 62585f1..733a65e 100755 (executable)
@@ -113,7 +113,7 @@ static int hasvoicemail_exec(struct ast_channel *chan, void *data)
                /* Set the count in the channel variable */
                if (varname) {
                        char tmp[12];
-                       snprintf(tmp, sizeof(tmp) - 1, "%d", vmcount);
+                       snprintf(tmp, sizeof(tmp), "%d", vmcount);
                        pbx_builtin_setvar_helper(chan, varname, tmp);
                }
 
index dd53946..ea6775c 100755 (executable)
@@ -122,8 +122,9 @@ static int macro_exec(struct ast_channel *chan, void *data)
   pbx_builtin_setvar_helper(chan, "MACRO_OFFSET", NULL);
 
   /* Setup environment for new run */
-  strcpy(chan->exten, "s");
-  strncpy(chan->context, fullmacro, sizeof(chan->context));
+  chan->exten[0] = 's';
+  chan->exten[1] = '\0';
+  strncpy(chan->context, fullmacro, sizeof(chan->context) - 1);
   chan->priority = 1;
 
   while((cur = strsep(&rest, "|")) && (argc < MAX_ARGS)) {
@@ -193,8 +194,8 @@ out:
   pbx_builtin_setvar_helper(chan, "MACRO_PRIORITY", save_macro_priority);
   if (save_macro_priority) free(save_macro_priority);
   if (setmacrocontext) {
-       strcpy(chan->macrocontext, "");
-       strcpy(chan->macroexten, "");
+       chan->macrocontext[0] = '\0';
+       chan->macroexten[0] = '\0';
        chan->macropriority = 0;
   }
 
index ec77e8f..983bf5f 100755 (executable)
@@ -303,7 +303,7 @@ static int conf_cmd(int fd, int argc, char **argv) {
        ast_cli(fd, header_format, "Conf Num", "Parties", "Marked", "Activity", "Creation");
                while(cnf) {
                        if (cnf->markedusers < 0)
-                               strcpy(cmdline, "N/A ");
+                               strncpy(cmdline, "N/A ", sizeof(cmdline) - 1);
                        else 
                                snprintf(cmdline, sizeof(cmdline), "%4.4d", cnf->markedusers);
                        hr = (now - cnf->start) / 3600;
@@ -320,37 +320,37 @@ static int conf_cmd(int fd, int argc, char **argv) {
        }
        if (argc < 3)
                return RESULT_SHOWUSAGE;
-       strncpy(cmdline, argv[2], 100); /* Argv 2: conference number */
+       strncpy(cmdline, argv[2], sizeof(cmdline) - 1); /* Argv 2: conference number */
        if (strstr(argv[1], "lock")) {  
                if (strcmp(argv[1], "lock") == 0) {
                        /* Lock */
-                       strcat(cmdline, "|L");
+                       strncat(cmdline, "|L", sizeof(cmdline) - strlen(cmdline) - 1);
                } else {
                        /* Unlock */
-                       strcat(cmdline, "|l");
+                       strncat(cmdline, "|l", sizeof(cmdline) - strlen(cmdline) - 1);
                }
        } else if (strstr(argv[1], "mute")) { 
                if (argc < 4)
                        return RESULT_SHOWUSAGE;
                if (strcmp(argv[1], "mute") == 0) {
                        /* Mute */
-                       strcat(cmdline, "|M|"); 
-                       strcat(cmdline, argv[3]);
+                       strncat(cmdline, "|M|", sizeof(cmdline) - strlen(cmdline) - 1); 
+                       strncat(cmdline, argv[3], sizeof(cmdline) - strlen(cmdline) - 1);
                } else {
                        /* Unmute */
-                       strcat(cmdline, "|m|");
-                       strcat(cmdline, argv[3]);
+                       strncat(cmdline, "|m|", sizeof(cmdline) - strlen(cmdline) - 1);
+                       strncat(cmdline, argv[3], sizeof(cmdline) - strlen(cmdline) - 1);
                }
        } else if (strcmp(argv[1], "kick") == 0) {
                if (argc < 4)
                        return RESULT_SHOWUSAGE;
                if (strcmp(argv[3], "all") == 0) {
                        /* Kick all */
-                       strcat(cmdline, "|K");
+                       strncat(cmdline, "|K", sizeof(cmdline) - strlen(cmdline) - 1);
                } else {
                        /* Kick a single user */
-                       strcat(cmdline, "|k|");
-                       strcat(cmdline, argv[3]);
+                       strncat(cmdline, "|k|", sizeof(cmdline) - strlen(cmdline) - 1);
+                       strncat(cmdline, argv[3], sizeof(cmdline) - strlen(cmdline) - 1);
                }       
        } else if(strcmp(argv[1], "list") == 0) {
                /* List all the users in a conference */
@@ -443,7 +443,7 @@ static char *complete_confcmd(char *line, char *word, int pos, int state) {
                                /* Search for the user */
                                usr = cnf->firstuser;
                                while(usr) {
-                                       sprintf(usrno, "%i", usr->user_no);
+                                       snprintf(usrno, sizeof(usrno), "%i", usr->user_no);
                                        if (!strncasecmp(word, usrno, strlen(word))) {
                                                if (++which > state)
                                                        break;
@@ -503,12 +503,18 @@ static int conf_run(struct ast_channel *chan, struct ast_conference *conf, int c
        struct ast_app *app;
        char *agifile;
        char *agifiledefault = "conf-background.agi";
-       char meetmesecs[30];
+       char meetmesecs[30] = "";
 
        ZT_BUFFERINFO bi;
        char __buf[CONF_SIZE + AST_FRIENDLY_OFFSET];
        char *buf = __buf + AST_FRIENDLY_OFFSET;
        
+       if (!user) {
+               ast_log(LOG_ERROR, "Out of memory\n");
+               return(ret);
+       }
+       memset(user, 0, sizeof(struct ast_conf_user));
+
        user->user_no = 0; /* User number 0 means starting up user! (dead - not in the list!) */
        
        if (conf->locked) {
@@ -548,7 +554,7 @@ static int conf_run(struct ast_channel *chan, struct ast_conference *conf, int c
                        conf->lastuser = user;
                }
        }
-       strncpy(user->usrvalue, "test", sizeof(user->usrvalue));
+       strncpy(user->usrvalue, "test", sizeof(user->usrvalue) - 1);
        user->chan = chan;
        user->userflags = confflags;
        user->adminflags = 0;
@@ -1006,7 +1012,7 @@ outrun:
                                        ast_log(LOG_ERROR, "Bad! Bad! Bad! user->prevuser is NULL but we're not the beginning!\n");
                        }
                        /* Return the number of seconds the user was in the conf */
-                       sprintf(meetmesecs, "%i", (int) (user->jointime - time(NULL)));
+                       snprintf(meetmesecs, sizeof(meetmesecs), "%i", (int) (user->jointime - time(NULL)));
                        pbx_builtin_setvar_helper(chan, "MEETMESECS", meetmesecs);
                }
        }
@@ -1144,7 +1150,7 @@ static int conf_exec(struct ast_channel *chan, void *data)
 
        if (info) {
                char *tmp = strsep(&info, "|");
-               strncpy(confno, tmp, sizeof(confno));
+               strncpy(confno, tmp, sizeof(confno) - 1);
                if (ast_strlen_zero(confno)) {
                        allowretry = 1;
                }
@@ -1273,7 +1279,7 @@ static int conf_exec(struct ast_channel *chan, void *data)
                        if (ast_strlen_zero(confno) && dynamic) {
                                for (i=0;i<1024;i++) {
                                        if (!map[i]) {
-                                               snprintf(confno, sizeof(confno) - 1, "%d", i);
+                                               snprintf(confno, sizeof(confno), "%d", i);
                                                break;
                                        }
                                }
@@ -1301,7 +1307,7 @@ static int conf_exec(struct ast_channel *chan, void *data)
                        res = ast_app_getdata(chan, "conf-getconfno", confno, sizeof(confno) - 1, 0);
                        if (res < 0) {
                                /* Don't try to validate when we catch an error */
-                               strcpy(confno, "");
+                               confno[0] = '\0';
                                allowretry = 0;
                                break;
                        }
@@ -1315,7 +1321,7 @@ static int conf_exec(struct ast_channel *chan, void *data)
                                        ast_waitstream(chan, "");
                                res = -1;
                                if (allowretry)
-                                       strcpy(confno, "");
+                                       confno[0] = '\0';
                        } else {
                                if (!ast_strlen_zero(cnf->pin)) {
                                        char pin[AST_MAX_EXTENSION];
@@ -1340,7 +1346,7 @@ static int conf_exec(struct ast_channel *chan, void *data)
                                                                ast_waitstream(chan, "");
                                                        res = -1;
                                                        if (allowretry)
-                                                               strcpy(confno, "");
+                                                               confno[0] = '\0';
                                                }
                                        } else {
                                                res = -1;
@@ -1367,7 +1373,7 @@ static struct ast_conf_user* find_user(struct ast_conference *conf, char *caller
        if (conf && callerident) {
                user = conf->firstuser;
                while(user) {
-                       sprintf(usrno, "%i", user->user_no);
+                       snprintf(usrno, sizeof(usrno), "%i", user->user_no);
                        if (strcmp(usrno, callerident) == 0)
                                return user;
                        user = user->nextuser;