
session: Fix format strings and a possible off-by-one


jcs made amendment 379 about 1 year ago
--- session.c Tue Mar 7 20:52:37 2023 +++ session.c Tue Mar 7 22:51:17 2023 @@ -601,7 +601,7 @@ session_vprintf(struct session *session, const char *f session_printf_ebuf[en++] = format[n]; - if (en >= sizeof(session_printf_ebuf)) + if (en >= sizeof(session_printf_ebuf) - 1) panic("session_printf_ebuf overflow!"); session_printf_ebuf[en] = '\0'; } @@ -1271,7 +1271,7 @@ session_expand_var(struct session *session, char *ivar *ret = (char *)&retval; retlen = 0; - if (sscanf(ivar, "%127[^|]|%ld%n", &var, &retsize, &count) == 2 && + if (sscanf(ivar, "%127[^|]|%lu%n", &var, &retsize, &count) == 2 && count > 0) { /* field of fixed length, either truncated or padded */ if (retsize > sizeof(retval)) @@ -1313,7 +1313,7 @@ session_expand_var(struct session *session, char *ivar mail_find_ids_for_user(session->user, &unread_count, NULL, 0, 0, true); if (unread_count) - retlen = sprintf(retval, "(%ld New)", unread_count); + retlen = sprintf(retval, "(%lu New)", unread_count); } } else if (var[0] == '"') { /* a literal string, remove leading and trailing quotes */ @@ -1517,13 +1517,13 @@ session_who(struct session *s) idle = Time - sessions[n]->last_input_at; if (idle < 60) - sprintf(idle_s, "%lds", idle); + sprintf(idle_s, "%lus", idle); else if (idle < (60 * 60)) - sprintf(idle_s, "%ldm", idle / 60); + sprintf(idle_s, "%lum", idle / 60); else if (idle < (60 * 60 * 24)) - sprintf(idle_s, "%ldh", idle / (60 * 60)); + sprintf(idle_s, "%luh", idle / (60 * 60)); else - sprintf(idle_s, "%ldd", idle / (60 * 60 * 24)); + sprintf(idle_s, "%lud", idle / (60 * 60 * 24)); snprintf(username, sizeof(username), "%s%s", sessions[n]->user ? sessions[n]->user->username : GUEST_USERNAME,
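Review bot: In the `session_vprintf` hunk the bound is still tested after the byte has been stored by `session_printf_ebuf[en++] = format[n];`, so the write stays in range only because the previous pass left `en` small enough. With the new `- 1` the final byte of the buffer is never filled, and the old test already left a valid slot for the `'\0'` written two lines later, so the reason for reserving one more byte is not visible here. A short comment above the check would save the next reader the arithmetic, for example `/* panic while one slot is still spare; en must stay a valid index for the NUL below */`, adjusted to the real reason. The loop starts and ends outside the hunk, so the initial value of `en` could not be checked.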
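Review bot: In the first `session_expand_var` hunk, `%lu` still lets `sscanf` accept a signed or oversized width from `ivar`: a leading minus is converted and wraps to a large unsigned value, and the result for a number that does not fit is undefined by the C standard. The only guard visible is `if (retsize > sizeof(retval))` on the hunk's last line, and its body is outside the hunk, so whether it clamps or rejects cannot be confirmed from here. Separately, `&var` is passed for `%127[^|]`; if `var` is a `char` array (its declaration is not shown) the argument should be plain `var`, and the 127 should be kept in step with `sizeof(var) - 1`.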
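Review bot: `retlen = sprintf(retval, "(%lu New)", unread_count);` remains unbounded after the format fix, and the same holds for the four `sprintf(idle_s, ...)` calls in the `session_who` hunk. The sizes of `retval` and `idle_s` are declared outside these hunks, so no overflow is shown, but the file already uses `snprintf(username, sizeof(username), ...)` right after the idle strings and the same form would make the bound explicit. I would write `retlen = snprintf(retval, sizeof(retval), "(%lu New)", unread_count);` followed by `if (retlen >= sizeof(retval)) retlen = sizeof(retval) - 1;`, and `snprintf(idle_s, sizeof(idle_s), "%lus", idle);` for each idle branch.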
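Review bot: In `session_who`, `idle = Time - sessions[n]->last_input_at;` has no guard against `last_input_at` being ahead of `Time`, for instance after a clock adjustment. Assuming both are unsigned long, as the switch to `%lu` suggests, the subtraction wraps and the session is listed with an enormous day count. `idle = Time > sessions[n]->last_input_at ? Time - sessions[n]->last_input_at : 0;` keeps the column sane. The declarations of `idle` and `idle_s` are outside the hunk.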