From 3c0fa265346ec04fc8277fba9c3fe28d1e26068a Mon Sep 17 00:00:00 2001
From: Alan Somers <asomers@FreeBSD.org>
Date: Sun, 22 Jul 2018 16:14:30 +0000
Subject: Fix multiple Coverity warnings in tftpd(8)

* Initialize uninitialized variable (CID 1006502)
* strcpy => strlcpy (CID 1006792, 1006791, 1006790)
* Check function return values (CID 1009442, 1009441, 1009440)
* Delete dead code in receive_packet (not reported by Coverity)
* Remove redundant alarm(3) in receive_packet (not reported by Coverity)

Reported by:	Coverity
CID: 1006502, 1006792, 1006791, 1006790, 1009442, 1009441, 1009440
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11287
---
 libexec/tftpd/tftp-utils.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'libexec/tftpd/tftp-utils.c')

diff --git a/libexec/tftpd/tftp-utils.c b/libexec/tftpd/tftp-utils.c
index f578a7e6d831..f9f8f4dc922a 100644
--- a/libexec/tftpd/tftp-utils.c
+++ b/libexec/tftpd/tftp-utils.c
@@ -270,11 +270,13 @@ char *
 rp_strerror(int error)
 {
 	static char s[100];
+	size_t space = sizeof(s);
 	int i = 0;
 
 	while (rp_errors[i].desc != NULL) {
 		if (rp_errors[i].error == error) {
-			strcpy(s, rp_errors[i].desc);
+			strlcpy(s, rp_errors[i].desc, space);
+			space -= strlen(rp_errors[i].desc);
 		}
 		i++;
 	}
-- 
cgit v1.2.3