diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
--- a/libexec/tftpd/tftpd.c
+++ b/libexec/tftpd/tftpd.c
@@ -609,6 +609,11 @@
 * Besides, that is four updates per hour on a file, which is kind of
 * execessive anyway.
 */
+/*
+ * Static size of '.' seperators, two digits ("nn"), and nul terminator.
+ * Ultimately, an alternative spelling of "5".
+ */
+#define FILE_SUFFIX_SIZE sizeof("..nn")
 static int
 find_next_name(char *filename, int *fd)
 {
@@ -616,7 +621,14 @@
 time_t tval;
 size_t len;
 struct tm lt;
- char yyyymmdd[MAXPATHLEN];
+ /*
+ * GCC "knows" that we might write all of yyyymmdd plus the static
+ * elemenents in the format into into newname and thus complains
+ * unless we reduce the size. This array is still too big, but since
+ * the format is user supplied, it's not clear what a better limit
+ * value would be and this is sufficent to silence the warnings.
+ */
+ char yyyymmdd[MAXPATHLEN - FILE_SUFFIX_SIZE];
 char newname[MAXPATHLEN];

 /* Create the YYYYMMDD part of the filename */
@@ -631,16 +643,18 @@
 }

 /* Make sure the new filename is not too long */
- if (strlen(filename) > MAXPATHLEN - len - 5) {
+ if (strlen(filename) > MAXPATHLEN - len - FILE_SUFFIX_SIZE) {
 syslog(LOG_WARNING,
 "Filename too long (%zd characters, %zd maximum)",
- strlen(filename), MAXPATHLEN - len - 5);
+ strlen(filename), MAXPATHLEN - len - FILE_SUFFIX_SIZE);
 return (EACCESS);
 }

 /* Find the first file which doesn't exist */
 for (i = 0; i < 100; i++) {
- sprintf(newname, "%s.%s.%02d", filename, yyyymmdd, i);
+ /* Size checked above */
+ (void)snprintf(newname, sizeof(newname), "%s.%s.%02d",
+ filename, yyyymmdd, i);
 *fd = open(newname,
 O_WRONLY | O_CREAT | O_EXCL,
 S_IRUSR | S_IWUSR | S_IRGRP |
@@ -651,6 +665,7 @@

 return (EEXIST);
 }
+#undef FILE_SUFFIX_SIZE

 /*
 * Validate file access. Since we
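Review bot: FILE_SUFFIX_SIZE is correct only while the name is built with `"%s.%s.%02d"` and the loop stays at `i < 100`, and the new comment does not say so. `%02d` is a minimum width, so a larger loop bound would emit three digits and the macro would under-count by one byte. I would add `/* Must match the "%s.%s.%02d" format and the i < 100 bound in find_next_name(). */` to the comment, and parenthesise the expansion as `(sizeof("..nn"))` so it stays safe in any expression.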
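Review bot: The new comment on `yyyymmdd` presents the smaller array only as a way to quiet GCC, but the bound also matters for the length check further down. `MAXPATHLEN - len - FILE_SUFFIX_SIZE` is size_t arithmetic and wraps to a huge value once `len` exceeds `MAXPATHLEN - FILE_SUFFIX_SIZE`, which would let any filename length pass. If `len` is the length written into this buffer (the assignment is outside the visible hunks), capping the array is what prevents that wrap, so a later tidy-up of the array size would silently disable the check. I would record that in the comment, e.g. `* The bound also keeps MAXPATHLEN - len - FILE_SUFFIX_SIZE from wrapping in the check below.` These declarations belong to find_next_name(), whose body continues outside this hunk.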
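Review bot: The `(void)snprintf(...)` in the loop discards the only signal that `newname` was truncated, and the result goes straight into `open()` with `O_CREAT`. If the length check were ever wrong, a file would be created under a cut-off name instead of the call failing. "Size checked above" holds only while that check and FILE_SUFFIX_SIZE stay in step with the format; testing the return value makes the call self-protecting and can return `EACCESS` as the too-long path does. Separately, the syslog call prints two size_t values with `%zd`, where `%zu` is the matching conversion. The loop body continues past the end of the hunk.

```c
for (i = 0; i < 100; i++) {
	int n;

	n = snprintf(newname, sizeof(newname), "%s.%s.%02d",
	    filename, yyyymmdd, i);
	/* Never open a truncated name; the check above should make this unreachable. */
	if (n < 0 || (size_t)n >= sizeof(newname))
		return (EACCESS);
	/* … unchanged: *fd = open(newname, O_WRONLY | O_CREAT | O_EXCL, …) … */
```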