From 78a1b1f17d2d6566f52664f13a63608d41e58728 Mon Sep 17 00:00:00 2001
From: truckman <truckman@FreeBSD.org>
Date: Thu, 12 May 2016 06:39:13 +0000
Subject: Use strlcpy() instead of strncpy() to copy the string returned by
 setlocale() so that static analyzers know that the string is NUL terminated. 
 This was causing a false positive in Coverity even though the longest string
 returned by setlocale() is ENCODING_LEN (31) and we are copying into a 64
 byte buffer.  This change is also a bit of an optimization since we don't
 need the strncpy() feature of padding the rest of the destination buffer with
 NUL characters.

Reported by:	Coverity
CID:		974654
---
 lib/libfetch/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/libfetch/http.c')

diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c
index ca522a6..f80404d 100644
--- a/lib/libfetch/http.c
+++ b/lib/libfetch/http.c
@@ -875,7 +875,7 @@ http_parse_mtime(const char *p, time_t *mtime)
 	char locale[64], *r;
 	struct tm tm;
 
-	strncpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
+	strlcpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
 	setlocale(LC_TIME, "C");
 	r = strptime(p, "%a, %d %b %Y %H:%M:%S GMT", &tm);
 	/*
-- 
cgit v1.1