Make sure we don't overflow buffers if input is really big.

Also move the string array to local scope.

Patch by Mike Frysinger <vapier@gentoo.org>

--- str.c
+++ str.c
@@ -103,4 +103,11 @@
             break;
             }
+        else if(str2-str+1 >= lim)
+            {
+            fprintf(stderr, "String too large for buffer of %i chars; truncated\n", lim-1);
+            ret_val = FALSE;
+            *str2 = '\0';
+            break;
+            }
         switch(*str2)
             {
--- funct.c
+++ funct.c
@@ -88,5 +88,4 @@
 }
 
-char string[128];
 
 /* the date function */
@@ -97,4 +96,5 @@
     struct tm *loc_time;
     time_t lt;
+    char string[128];
 
     lt = time(NULL);
@@ -102,5 +102,5 @@
     str_esc(str, work_str, sizeof(work_str));
     loc_time = localtime(&lt);
-    strftime(string, 128, work_str, loc_time);
+    strftime(string, sizeof(string), work_str, loc_time);
 
     printf("%s", string);