From 80ce19337573b31c372251ea5af4e66f4b75e7ef Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 6 Jun 2019 11:46:58 -0400
Subject: [PATCH] Remove strerror() calls from k5_get_error()

Coverity models strerror() as a function which cannot accept negative
values, even though it has defined behavior on all integers.
k5_get_error() contains code to call strerror_r() and strerror() if
its fptr global is unset, which isn't an expected case in practice.
To silence a large number of Coverity false positives, just return a
fixed string if fptr is null.

(cherry picked from commit 2d400bea7a81a5a834a1be6ded439f18e0afa5ba)
---
 src/util/support/errors.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/util/support/errors.c b/src/util/support/errors.c
index 70e1d59d0..f8bea07a3 100644
--- a/src/util/support/errors.c
+++ b/src/util/support/errors.c
@@ -78,10 +78,9 @@ k5_get_error(struct errinfo *ep, long code)
 
     lock();
     if (fptr == NULL) {
+        /* Should be rare; fptr should be set whenever libkrb5 is loaded. */
         unlock();
-        if (strerror_r(code, buf, sizeof(buf)) == 0)
-            return oom_check(strdup(buf));
-        return oom_check(strdup(strerror(code)));
+        return oom_check(strdup(_("Error code translation unavailable")));
     }
     r = fptr(code);
 #ifndef HAVE_COM_ERR_INTL