Fix potential buffer overflow in strncat() invocation

strncat() will copy at most the specified number of characters and append the null character on top of that. strlen() doesn't count the final null character.
2016-11-10 17:43:36 -08:00 · 2016-11-10 17:43:36 -08:00 · 92423a466e
commit 92423a466e
parent e8185caf31
1 changed files with 1 additions and 1 deletions
--- a/sesman/chansrv/chansrv_fuse.c
+++ b/sesman/chansrv/chansrv_fuse.c
@ -2200,7 +2200,7 @@ static void xfuse_remove_dir_or_file(fuse_req_t req, fuse_ino_t parent,
    }

    strcat(full_path, "/");
-    strncat(full_path, name, sizeof(full_path) - strlen(full_path));
+    strncat(full_path, name, sizeof(full_path) - strlen(full_path) - 1);

    if (xinode->is_loc_resource)
    {