From bb6ded797566111f72e4fae423a968e71f6cb482 Mon Sep 17 00:00:00 2001
From: Christian Beer <christian.beer@aei.mpg.de>
Date: Thu, 22 Oct 2015 15:08:08 +0200
Subject: [PATCH] use safe_strcpy to prevent buffer overflow

fixes CID 27777, 27797 found by Coverity
---
 tools/create_work.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tools/create_work.cpp b/tools/create_work.cpp
index 966a63040d..0dc30dad3b 100644
--- a/tools/create_work.cpp
+++ b/tools/create_work.cpp
@@ -151,13 +151,13 @@ void JOB_DESC::parse_cmdline(int argc, char** argv) {
         if (arg(argv, i, (char*)"command_line")) {
             command_line = argv[++i];
         } else if (arg(argv, i, (char*)"wu_name")) {
-            strcpy(wu.name, argv[++i]);
+            safe_strcpy(wu.name, argv[++i]);
         } else if (arg(argv, i, (char*)"remote_file")) {
             INFILE_DESC id;
             id.is_remote = true;
-            strcpy(id.url, argv[++i]);
+            safe_strcpy(id.url, argv[++i]);
             id.nbytes = atof(argv[++i]);
-            strcpy(id.md5, argv[++i]);
+            safe_strcpy(id.md5, argv[++i]);
             infiles.push_back(id);
         } else if (arg(argv, i, "target_host")) {
             assign_flag = true;
@@ -176,7 +176,7 @@ void JOB_DESC::parse_cmdline(int argc, char** argv) {
             }
             INFILE_DESC id;
             id.is_remote = false;
-            strcpy(id.name, argv[i]);
+            safe_strcpy(id.name, argv[i]);
             infiles.push_back(id);
         }
     }
@@ -249,7 +249,7 @@ int main(int argc, char** argv) {
         } else if (arg(argv, i, "command_line")) {
             jd.command_line= argv[++i];
         } else if (arg(argv, i, "additional_xml")) {
-            strcpy(jd.additional_xml, argv[++i]);
+            safe_strcpy(jd.additional_xml, argv[++i]);
         } else if (arg(argv, i, "wu_id")) {
             jd.wu.id = atoi(argv[++i]);
         } else if (arg(argv, i, "broadcast")) {
@@ -291,9 +291,9 @@ int main(int argc, char** argv) {
         } else if (arg(argv, i, (char*)"remote_file")) {
             INFILE_DESC id;
             id.is_remote = true;
-            strcpy(id.url, argv[++i]);
+            safe_strcpy(id.url, argv[++i]);
             id.nbytes = atof(argv[++i]);
-            strcpy(id.md5, argv[++i]);
+            safe_strcpy(id.md5, argv[++i]);
             jd.infiles.push_back(id);
         } else if (arg(argv, i, "verbose")) {
             verbose = true;