3 files changed, 23 insertions, 15 deletions

diff --git a/shared.c b/shared.c
index f7b64cf..609bd2a 100644
--- a/shared.c
+++ b/shared.c
@@ -476,15 +476,16 @@ static int is_token_char(char c)
 static char *expand_macro(char *name, int maxlength)
 {
 	char *value;
-	int len;
+	size_t len;
 
 	len = 0;
 	value = getenv(name);
 	if (value) {
-		len = strlen(value);
+		len = strlen(value) + 1;
 		if (len > maxlength)
 			len = maxlength;
-		strncpy(name, value, len);
+		strlcpy(name, value, len);
+		--len;
 	}
 	return name + len;
 }
diff --git a/ui-shared.c b/ui-shared.c
index 066a470..739505a 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -133,20 +133,25 @@ const char *cgit_repobasename(const char *reponame)
 	static char rvbuf[1024];
 	int p;
 	const char *rv;
-	strncpy(rvbuf, reponame, sizeof(rvbuf));
-	if (rvbuf[sizeof(rvbuf)-1])
+	size_t len;
+
+	len = strlcpy(rvbuf, reponame, sizeof(rvbuf));
+	if (len >= sizeof(rvbuf))
 		die("cgit_repobasename: truncated repository name '%s'", reponame);
-	p = strlen(rvbuf)-1;
+	p = len - 1;
 	/* strip trailing slashes */
-	while (p && rvbuf[p] == '/') rvbuf[p--] = 0;
+	while (p && rvbuf[p] == '/')
+		rvbuf[p--] = '\0';
 	/* strip trailing .git */
 	if (p >= 3 && starts_with(&rvbuf[p-3], ".git")) {
-		p -= 3; rvbuf[p--] = 0;
+		p -= 3;
+		rvbuf[p--] = '\0';
 	}
 	/* strip more trailing slashes if any */
-	while ( p && rvbuf[p] == '/') rvbuf[p--] = 0;
+	while (p && rvbuf[p] == '/')
+		rvbuf[p--] = '\0';
 	/* find last slash in the remaining string */
-	rv = strrchr(rvbuf,'/');
+	rv = strrchr(rvbuf, '/');
 	if (rv)
 		return ++rv;
 	return rvbuf;
diff --git a/ui-ssdiff.c b/ui-ssdiff.c
index 7f261ed..68c2044 100644
--- a/ui-ssdiff.c
+++ b/ui-ssdiff.c
@@ -114,11 +114,10 @@ static char *replace_tabs(char *line)
 {
 	char *prev_buf = line;
 	char *cur_buf;
-	int linelen = strlen(line);
+	size_t linelen = strlen(line);
 	int n_tabs = 0;
 	int i;
 	char *result;
-	char *spaces = "        ";
 
 	if (linelen == 0) {
 		result = xmalloc(1);
@@ -126,20 +125,23 @@ static char *replace_tabs(char *line)
 		return result;
 	}
 
-	for (i = 0; i < linelen; i++)
+	for (i = 0; i < linelen; i++) {
 		if (line[i] == '\t')
 			n_tabs += 1;
+	}
 	result = xmalloc(linelen + n_tabs * 8 + 1);
 	result[0] = '\0';
 
-	while (1) {
+	for (;;) {
 		cur_buf = strchr(prev_buf, '\t');
 		if (!cur_buf) {
 			strcat(result, prev_buf);
 			break;
 		} else {
 			strncat(result, prev_buf, cur_buf - prev_buf);
-			strncat(result, spaces, 8 - (strlen(result) % 8));
+			linelen = strlen(result);
+			memset(&result[linelen], ' ', 8 - (linelen % 8));
+			result[linelen + 8 - (linelen % 8)] = '\0';
 		}
 		prev_buf = cur_buf + 1;
 	}