From 55f0a986d2c819731e45e5612dfc76a5d1ca76ce Mon Sep 17 00:00:00 2001
From: Ronan Le Martret <ronan.lemartret@iot.bzh>
Date: Tue, 29 Aug 2017 16:09:07 +0200
Subject: fix strncat funct

I: Statement might be overflowing a buffer in strncat. Common mistake:
  BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
  GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1)

Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
---
 filescan-utils.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/filescan-utils.c b/filescan-utils.c
index e735682..f1de9d0 100644
--- a/filescan-utils.c
+++ b/filescan-utils.c
@@ -49,8 +49,8 @@ PUBLIC json_object* ScanForConfig (const char* searchPath, CtlScanDirModeT mode,
                 if (dirEnt->d_name[0]=='.' || dirEnt->d_name[0]=='_') continue;
 
                 strncpy(newpath, searchPath, sizeof(newpath));
-                strncat(newpath, "/", sizeof(newpath));
-                strncat(newpath, dirEnt->d_name, sizeof(newpath));
+                strncat(newpath, "/", sizeof(newpath)-strlen(newpath)-1);
+                strncat(newpath, dirEnt->d_name, sizeof(newpath)-strlen(newpath)-1);
                 ScanDir(newpath);
                 continue;
             }
-- 
cgit 1.2.3-korg