AuthAudit: clean up string handling calls

The extra "out" pointer to redirect writes to the array isn't needed since
the removal of LBX (commit a9ed5a8790), and eliminating it allows more
logical use of sizeof(addr) in length-checked strlcpy & snprintf calls to
write to it.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>

os/connection.c

@@ -499,7 +499,6 @@ AuthAudit (ClientPtr client, Bool letin,
     unsigned int proto_n, char *auth_proto, int auth_id)
 {
     char addr[128];
-    char *out = addr;
     char client_uid_string[64];
     LocalClientCredRec *lcc;
 #ifdef XSERVER_DTRACE
@@ -508,7 +507,7 @@ AuthAudit (ClientPtr client, Bool letin,
 #endif
 
     if (!len)
-        strcpy(out, "local host");
+        strlcpy(addr, "local host", sizeof(addr));
     else
 	switch (saddr->sa_family)
 	{
@@ -516,11 +515,11 @@ AuthAudit (ClientPtr client, Bool letin,
 #if defined(UNIXCONN) || defined(LOCALCONN)
 	case AF_UNIX:
 #endif
-	    strcpy(out, "local host");
+	    strlcpy(addr, "local host", sizeof(addr));
 	    break;
 #if defined(TCPCONN) || defined(STREAMSCONN)
 	case AF_INET:
-	    sprintf(out, "IP %s",
+	    snprintf(addr, sizeof(addr), "IP %s",
 		inet_ntoa(((struct sockaddr_in *) saddr)->sin_addr));
 	    break;
 #if defined(IPv6) && defined(AF_INET6)
@@ -528,13 +527,13 @@ AuthAudit (ClientPtr client, Bool letin,
 	    char ipaddr[INET6_ADDRSTRLEN];
 	    inet_ntop(AF_INET6, &((struct sockaddr_in6 *) saddr)->sin6_addr,
 	      ipaddr, sizeof(ipaddr));
-	    sprintf(out, "IP %s", ipaddr);
+	    snprintf(addr, sizeof(addr), "IP %s", ipaddr);
 	}
 	    break;
 #endif
 #endif
 	default:
-	    strcpy(out, "unknown address");
+	    strlcpy(addr, "unknown address", sizeof(addr));
 	}
 
     if (GetLocalClientCreds(client, &lcc) != -1) {