vdcomp security patch

This patch is also found in the xv 3.10a rollup 2001-05-12 patch.  If you
applied the xv 3.10a rollup 2001-05-12 patch you do NOT need to apply
this patch.  For details on the xv 3.10a rollup 2001-05-12 patch, see:

    http://www.isthe.com/chongo/src/xv-patch/index.html

=-=

Disclaimers

This patch is being distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE.  This patch is in the public
domain and is NOT copyrighted. That is, use this patch at your own risk.

I do NOT maintain xv. Please do NOT send me xv bug reports. Send xv bug
reports (and fixes) to the xv tech EMail address:

	http://www.trilon.com/xv/index.html#email

I did NOT write xv. You are welcome to ``Share and Enjoy'' xv and send
$25 to John Bradley. :-)

chongo (http://www.isthe.com/chongo/index.html) /\oo/\

=-=

*** vdcomp.c.init	Sat May 12 14:29:34 2001
--- vdcomp.c	Sat May 12 14:38:14 2001
***************
*** 124,129 ****
--- 124,131 ----
  #define TRUE                  1
  #define FALSE                 0
  
+ #define NAMELEN 1024		    /* inname and outname sizes    */
+ 
                                      /* pc i/o defines               */
  #define O_BINARY         0x8000     /* file mode is binary          */
  
***************
*** 176,182 ****
  
  int                infile;
  FILE               *outfile;
! char               inname[1024],outname[1024];
  int                output_format;
  int                record_bytes, max_lines;
  int                line_samples, fits_pad;
--- 178,184 ----
  
  int                infile;
  FILE               *outfile;
! char               inname[NAMELEN+1],outname[NAMELEN+1];
  int                output_format;
  int                record_bytes, max_lines;
  int                line_samples, fits_pad;
***************
*** 222,229 ****
      exit(1);
    }  
    else {
!     strcpy(inname,argv[1]);  
!     if (argc >= 3) strcpy(outname,argv[2]); 
      if (argc == 3) output_format = 1;
      if (argc == 4) sscanf(argv[3],"%d",&output_format); 
    }
--- 224,235 ----
      exit(1);
    }  
    else {
!     strncpy(inname, argv[1], NAMELEN);  
!     inname[NAMELEN] = '\0';
!     if (argc >= 3) {
! 	strncpy(outname, argv[2], NAMELEN);
! 	outname[NAMELEN] = '\0';
!     }
      if (argc == 3) output_format = 1;
      if (argc == 4) sscanf(argv[3],"%d",&output_format); 
    }
***************
*** 432,438 ****
  
    if (inname[0] == ' ') {
      printf("\nEnter name of file to be decompressed: ");
!     gets (inname);
    }
  
    if (host == 1 | host == 2) {
--- 438,444 ----
  
    if (inname[0] == ' ') {
      printf("\nEnter name of file to be decompressed: ");
!     fgets(inname, NAMELEN, stdin);
    }
  
    if (host == 1 | host == 2) {
***************
*** 474,486 ****
        printf("\n  3.  VICAR format.");
        printf("\n  4.  Unlabelled binary array.\n");
        printf("\n  Enter format number:");
!       gets(inname);
        output_format = atoi(inname);
      } while (output_format < 1 || output_format > 4);
  
    if (outname[0] == ' ') {
      printf("\nEnter name of uncompressed output file: ");
!     gets (outname);
    }
  
    return(host);
--- 480,492 ----
        printf("\n  3.  VICAR format.");
        printf("\n  4.  Unlabelled binary array.\n");
        printf("\n  Enter format number:");
!       fgets(inname, NAMELEN, stdin);
        output_format = atoi(inname);
      } while (output_format < 1 || output_format > 4);
  
    if (outname[0] == ' ') {
      printf("\nEnter name of uncompressed output file: ");
!     fgets(outname, NAMELEN, stdin);
    }
  
    return(host);