Hi Simon, > I don't think you need the -1 as filename will have a trailing '\0' > which is not counted in the return value of strlen() Thats true, but strncat always writes a trailing NUL, and to avoid that this one overflows the buffer, you need to subtract -1. However, this code in particular can be rewrittten to use snprintf(), which avoids the overflow and is also a bit more readable. How about the attached patch? Thanks, Dirk -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Avoid-buffer-overflow-on-strncat-usage.patch Type: text/x-patch Size: 1500 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/kexec/attachments/20140204/a18617cc/attachment.bin>
