On Mon, Sep 03, 2012 at 04:37:42PM +0200, rustyBSD wrote: > /usr/src/sbin/disklabel/disklabel.c > lines: 333 & 1092 & 1096 > > Is this me, or these strncpy() may cause off-by-one > overflows ? > > In an use like this: > > strncpy(a, b, sizeof(a)); > > the null terminator will be added beyond the end of > a if b has the same size (or a larger size). > > Should use something like: > > strncpy(a, b, sizeof(a) - 1); >
or, better yet, replaced by strlcpy(3)
