commit d475dd0dd4e08388c409cffce81082d0fbe3843f
from: Stefan Sperling <stsp@stsp.name>
date: Mon Jun 04 18:52:43 2018 UTC

use strlcpy instead of strncpy

commit - 4738e5f499f2ed84e2f37b8207dddf4a2d581a8e
commit + d475dd0dd4e08388c409cffce81082d0fbe3843f
blob - e4dd8510e0e219104e5ce8af402ed11a4992bc0b
blob + 3d2c3d676cee7da0a119cad2ac529069548d7e13
--- lib/pack.c
+++ lib/pack.c
@@ -506,8 +506,9 @@ get_packfile_path(char **path_packfile, struct got_rep
 		return got_error_from_errno();
 
 	/* Copy up to and excluding ".idx". */
-	strncpy(*path_packfile, packidx->path_packidx,
-	    size - strlen(".idx") - 2);
+	if (strlcpy(*path_packfile, packidx->path_packidx,
+	    size - strlen(".idx") - 1) >= size)
+		return got_error(GOT_ERR_NO_SPACE);
 
 	if (strlcat(*path_packfile, GOT_PACKFILE_SUFFIX, size) >= size)
 		return got_error(GOT_ERR_NO_SPACE);