diff -wurNbB squid-2.3.STABLE3/src/cachemgr.c squid-2.3.STABLE3PR1/src/cachemgr.c
--- squid-2.3.STABLE3/src/cachemgr.c	Wed Feb  9 23:29:53 2000
+++ squid-2.3.STABLE3PR1/src/cachemgr.c	Wed May 17 09:39:44 2000
@@ -351,6 +351,7 @@
     const char *ttag;
     char *buf_copy;
     char *x, *p;
+    int sz;
     int l = 0;
     /* does it look like a table? */
     if (!strchr(buf, '\t') || *buf == '\t') {
@@ -362,14 +363,20 @@
     }
     /* start html table */
     if (!table_line_num) {
-	l += snprintf(html + l, sizeof(html) - l, "</pre><table border=1 cellpadding=2 cellspacing=1>\n");
+	l += sz = snprintf(html + l, sizeof(html) - l, "</pre><table border=1 cellpadding=2 cellspacing=1>\n");
+	/* Force de pointer to buffer limits */
+	if( l > sizeof(html) || sz == -1 )
+		l = sizeof(html);
 	next_is_header = 0;
     }
     /* remove '\n' */
     is_header = (!table_line_num || next_is_header) && !strchr(buf, ':') && !is_number(buf);
     ttag = ttags[is_header];
     /* record starts */
-    l += snprintf(html + l, sizeof(html) - l, "<tr>");
+    l += sz = snprintf(html + l, sizeof(html) - l, "<tr>");
+    /* Force de pointer to buffer limits */
+    if( l > sizeof(html) || sz == -1 )
+	l = sizeof(html);
     /* substitute '\t' */
     buf_copy = x = xstrdup(buf);
     if ((p = strchr(x, '\n')))
@@ -381,14 +388,20 @@
 	    column_span++;
 	    x++;
 	}
-	l += snprintf(html + l, sizeof(html) - l, "<%s colspan=%d align=\"%s\">%s</%s>",
+	l += sz = snprintf(html + l, sizeof(html) - l, "<%s colspan=%d align=\"%s\">%s</%s>",
 	    ttag, column_span,
 	    is_header ? "center" : is_number(cell) ? "right" : "left",
 	    cell, ttag);
+    	/* Force de pointer to buffer limits */
+	if( l > sizeof(html) || sz == -1 )
+		l = sizeof(html);
     }
     xfree(buf_copy);
     /* record ends */
-    l += snprintf(html + l, sizeof(html) - l, "</tr>\n");
+    l += sz = snprintf(html + l, sizeof(html) - l, "</tr>\n");
+    /* Force de pointer to buffer limits */
+    if( l > sizeof(html) || sz == -1 )
+	l = sizeof(html);
     next_is_header = is_header && strstr(buf, "\t\t");
     table_line_num++;
     return html;
@@ -555,6 +568,9 @@
 	req->hostname,
 	req->action,
 	make_auth_header(req));
+    /* Force de pointer to buffer limits */
+    if( l > sizeof(buf) || l == -1 )
+	l = sizeof(buf);
     write(s, buf, l);
     debug(1) fprintf(stderr, "wrote request: '%s'\n", buf);
     return read_reply(s, req);
@@ -725,6 +741,7 @@
 make_auth_header(const cachemgr_request * req)
 {
     static char buf[1024];
+    int sz;
     off_t l = 0;
     const char *str64;
     if (!req->passwd)
@@ -733,10 +750,15 @@
     snprintf(buf, sizeof(buf), "%s:%s",
 	req->user_name ? req->user_name : "",
 	req->passwd);
-
     str64 = base64_encode(buf);
-    l += snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", str64);
-    l += snprintf(&buf[l], sizeof(buf) - l,
+    l += sz = snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", str64);
+    /* Force de pointer to buffer limits */
+    if( l > sizeof(buf) || sz == -1 )
+	l = sizeof(buf);
+    l += sz = snprintf(&buf[l], sizeof(buf) - l,
 	"Proxy-Authorization: Basic %s\r\n", str64);
+    /* Force de pointer to buffer limits */
+    if( l > sizeof(buf) || sz == -1 )
+	l = sizeof(buf);
     return buf;
 }

